‘killware’ Raises the Stakes in the Game of Cyber Security.
As Business Leaders and IT Professionals continue efforts to get off their heels and in front of cyber criminals, the threats are changing and making it more important than ever to protect our most valuable commodity – data.
While ransom events like Colonial Pipeline and Solar Winds certainly grabbed national attention, bad actors continue to quietly evolve their efforts. Colonial Pipeline reminded us that long gas lines, a 5-day shut down and $5M in crypto-currency are without question, undesirable circumstances. Solar Winds showed us that questions around data security in government agencies including the Pentagon, Homeland Security and the State Department are never welcome. Malware is center stage and the complexities of dwell time, customer confidence and lost revenue, to name a few, are real issues. Sadly, this seems to be the starting point for bad actors.
Enter killware.
Homeland Security Secretary Alejandro Mayorkas sounded the alarm regarding killware last week in an interview with USA Today. Referencing an attack on the Oldmsar, Florida water system earlier this year, he remarked, ‘The attempted hack of this water treatment facility in February 2021 demonstrated the grave risks that malicious cyber activity poses to public health and safety.’ The attack was intended to distribute contaminated water to residents.
In 2017, Julian Gutmanis, an experienced cyber first responder, was called to an undisclosed Saudi Arabian petrochemical plant where Triton malware had been deployed in an effort to disable safety systems.
In September of last year, Universal Health Services went to paper and diverted incoming ambulances in response to a cyberattack.
Malware is no longer just an issue of business continuity and profit. The next evolution, killware, is a matter of safety.
When it comes to protecting mission critical data, whether it’s accounts receivables, configuration files for day-to-day operations, or even safety systems, ‘good’ is no longer good enough.
On June 2, the White House issued guidance on protecting against ransomware. Among the recommendations, network segmentation was one of the highlights. Dell Technologies’ Power Protect Cyber Recovery solution differentiates by vaulting mission critical data behind an air gap.
Dell’s solution goes one step further by analyzing each replication to the vault at the content level. Using AI, ML and over 100 metrics, the Dell solution ensures integrity of the data by looking for indications of suspicious activity represented by encryption, corruption, and unusual change rates, to name a few. By focusing on the integrity of the data and by analyzing replications at the content level (competing solutions fall short by only looking at the meta-data), customers have the confidence that data in the vault is free of malware.
Multiple copies of data are important, unless they are all just copies of malware.
For a detailed discussion around Cyber Recovery strategies and Abtech Technologies’ 30-year tradition of services, please feel free to reach out at tfrederking@abtechtechnologies.com.