Up until now, hackers and cyber criminals have principally focused on causing monetary damage. Ransomware is the best example of this, and RB’s Computer Service has written extensively on how to protect your network from ransomware. However, recent attacks on critical infrastructure confirms that a new breed of hackers and cyber criminals are out there to simply cause harm. For example, an incident at a water plant in Oldsmar, Florida confirms this. This hacker’s intention was to cause water contamination that could have harmed people drawing on the Oldsmar water supply. Fortunately, the cyber-attack was stopped before the water quality was affected (Panda Security Staff, Panda Security, What is killware?, October 21st, 2021, https://www.pandasecurity.com/en/mediacenter/security/what-is-killware/). This new type of malware and cyber-attack is called “killware,” not because killware can directly harm you after it gets into your computer or network, but instead is based on killware’s intention, to cause real life harm.
Unfortunately, the Oldsmar hack was not a one off. Government agencies recently revealed three additional killware attacks this year (Panda Security Staff, Panda Security, What is killware?, October 21st, 2021, https://www.pandasecurity.com/en/mediacenter/security/what-is-killware/). Admittedly, it appears that hospitals, the oil and gas industry, Police and Fire Departments, food processing facilities and so on are the targets for killware, versus the average consumer. But nowadays more and more people are working from home, and the interconnectedness to on and off-site networks create vulnerabilities that hackers could exploit. As a result, both consumers and businesses would be wise to take action to protect against these vulnerabilities. Although most people don’t work directly for, or do business with their local water treatment facility, almost everyone is connected to their local power grid through an online account. RB’s Computer Service can help you assess your computer(s) and network(s) vulnerabilities and help you devise and implement a plan to protect against them.
How do you protect against Killware?
Killware is not some new type of malicious code, although it is a safe bet new malware will be created by hackers and cyber criminals to be used as killware. As noted above, killware is defined by a hacker’s intention in deploying the malware, to cause real life harm. The types of malware that could be used to deploy a killware intention are the usual suspects, anything from spyware, adware, trojans, and viruses, to phishing and ransomware. Thus, everyone should keep a “tight handle on their computer and networks behavior including every end point (Russell Gray, MixMobile, What is Killware: How to Protect Yourself from these Next-Generation Cyberattacks, October 28th, 2021, https://mixmode.ai/blog/what-is-killware-how-to-protect-yourself-from-these-next-generation-cyberattacks/).”
In the Oldsmar water treatment plant killware attempt, it was later learned the facility was partially controlled by “Team Viewer,” a remote access software. The Team Viewer enabled the employees to conduct remote system checks and respond to alarms. All the personnel used computers connected to a 32-bit Windows 7 operating system and shared the same password for remote access. Furthermore, the facility had no firewall protection installed on its network (David Ruiz, Malwarebytes Blog, “Killware”: Is it just as bad as it sounds?, October 18th, 2021, https://blog.malwarebytes.com/cybercrime/2021/10/killware-is-it-just-as-bad-as-it-sounds/).
The Oldsmar example demonstrates the first thing you can do to protect yourself against killware is to assess your vulnerabilities and embrace the basics; get a good anti-virus software on your computer(s), get a commercial-grade router, upgrade to Windows 10, and create and use unique passwords using a Password Manager. There are other things you can and should do to protect your computer(s) and network(s), and RB’s Computer Service can help you navigate them. For others that have the basics, but need more protection, RB’s Computer Service offers Remote IT Support and Managed IT Service Agreements.