Continuity News
Gryphon Partners is pleased to present volume 3 of Continuity News, the biweekly newsletter focusing on a wide spectrum of emerging threats and offering mitigation strategies. If you would like more information on how we can help your organization, please write us at info@kathryncostellophotography.com
Current Issues Affecting Continuity
Continuity programs allow for the vital business operations to continue uninterrupted in all circumstances, minimize damage and allow management to be in a good position to direct reconstruction of damaged infrastructure. Almost every incident that affects business operations can be prevented or mitigated with a good continuity plan.
All industries
Cyber-attacks always happen to the other guys.
In December 2016, the lights went out in Kiev. It was restored in a few hours but it wasn’t until June 12, 2017 that the cause was disclosed after security researchers spent six months trying to figure out not only what the specific cause was, but also why cyber criminals would choose to attack an electrical grid at midnight when there is little demand and knowing that the outage could be quickly resolved.
The malicious code, dubbed “CrashOverride” and “Industroyer” may have been inserted into the SCADA (Supervisory Control and Data Acquisition) systems much earlier and this outage was merely a test run to see if it works – it worked.
Researchers believe that SCADA systems (that control a variety of industries from the electrical grid, water and waste treatment plants to oil production facilities) in Europe and the Middle East are also at immediate risk any without modifications to the malware and may already be present on many systems.
With simple modifications to the software, the researchers have said that North American systems are at risk as well and the US Department of Energy and industry groups are warning US and Canadian energy providers of the imminent danger.
When SCADA systems were first introduced in the 1940’s, security wasn’t an issue and when these systems went “on-line” in the 1980’s, security wasn’t a consideration. Even today, securing these systems is an afterthought because all the disruptions to date targeted systems in faraway places like Iran and the Ukraine – now the threat affects every country in the world.
But it gets worse. Cyber criminals are getting sneakier in how they work.
We are all smart. We’ve learned not to click on links in emails from strangers and to hover our mouse over links to determine where they really lead. We know that the email from our boss asking us to transfer money to an unusual account might not really be from our boss.
Now there is a new and novel threat targeting accounting departments in major industries worldwide. This threat comes from emails coming from what appears to be your clients and includes a PowerPoint or Word document.
These email attachments will easily be cleared by your organization’s anti-virus programs but the links that are imbedded are malicious. The difference is that you don’t need to click on the links – just hovering over the link will install the program that steals banking information.
Each of these threats can be lessened by a good continuity strategy. We can provide experts to review the security of your SCADA systems and develop plans to help keep them secure. We can also create tailor made training programs to keep your organization safe from malware since most malware attacks are innocently enabled by poor cyber security practices.
As a final note, we are safe because we switched to Apple Macs and there aren’t any malware programs written for Macs, right?
Just this week, researchers identified two malicious programs written specifically for the Mac. Called MacSpy and MacRansom, they do exactly what they are called and are even more dangerous as most Mac users erroneously believe that they are immune to malicious software. Some researchers are calling this the “Big Mac Attack.”
Regardless of the operating system your organization uses, you must always stay one step ahead of the bad guys, have plans to reduce your vulnerabilities and be prepared to respond adequately to minimize operational disruptions.