How to keep the lights on when hackers target vulnerable infrastructure

It’s bad enough when hackers swipe personal data such as credit card information and social security numbers. There’s one area where hackers could really hurt all of us, if they hit it hard enough.

And that’s a country’s infrastructure.

We’ve already seen what ransomware can do to aging infrastructure at UK hospitals and airports with WannaCry, but those aren’t the only vulnerable systems out there. In Dallas earlier this year, hackers were able to penetrate the city’s alarm system and set it to go off in the earliest hours of the morning, leading people to believe there was danger and flood 911 with calls.

And the list goes on.

Painting a bleak picture

Each of these attacks illustrates a broader danger, one that could compromise things like water supplies. Take it from a UK-based water utility company, where an IT staffer was colluding with his brother over in India, who worked as part of the utility’s outsourced call center staff.

While they were eventually caught, the brothers had made off with $600,000 in a scam where one brother would initiate an account refund, the second brother would approve it, and they would shuffle the funds around after the fact. As a result of those refunds, however, user accounts (and therefore their water supply) were shut down, even if only for a short time while the utility sorted the situation out.

Then there was the New York dam that was caught up in a hacking ring last year. The Bowman Avenue Dam is described as small, unsung and insignificant to the nation’s infrastructure, which might seem like the silver lining to the attack.

But that’s the kind of thinking that can put actual lives in danger – such as overburdening 911 operators and drowning out real emergencies, crippling a hospital’s network, or tampering with someone’s water supply.

Future attacks are always imminent

So where are we going with this, beyond providing some unsettling examples of how things can fall right out from underneath us? Well, researchers at ESET, a Slovakian anti-virus software maker, and Dragos Inc., a U.S. critical-infrastructure security firm, have discovered malware called Crash Override that could be used to take down power grids. And they know it works because it was used to take down Ukraine’s power grid in Dec 2015.

The two firms released warnings that, with some modifications, it could be deployed against multiple systems – one of them based in the U.S.

That’s all fine and well, you may be thinking, but I don’t work in the government.

Except when the power goes out, does your facility management team’s emergency response plan include how IT’s systems should be recovered and protected? Is your team fully prepared to bring the systems back online in a way that doesn’t cause longer delays? Are there lists of emergency contacts to notify, with a clear IT response team in place?

If you don’t immediately know the answers or can’t reference them, getting the ball rolling on creating a clear action plan might be a good idea.

Double-check that there’s a locally sourced backup power supply for your data center and/or building. This is an easy step to take, as it involves just a quick chat with facilities or your data center.