Research into malware that goes after industrial plants found that nearly 3,000 plants a year are infected, signaling that hackers' cybercrimes could potentially have real-life effects.
The team at Dragos Security has been researching malware in the industrial sector. Dark Reading reports that Dragos has found that backdoor malware posing as an update to a critical system has been infecting systems since 2013.
While searching for malware, Dragos also found that many of these industrial sites had misconfigured files. Some of these legitimate files could be discovered and used against companies, because they represented security loopholes.
What they didn’t find
One thing that isn’t prevalent in this information: the real-life destruction of equipment triggered by malware such as the now-famous Stuxnet virus.
As is often the case with cybersecurity, the reality is much more boring and less headline-grabbing than the sensational stories. Systems were more likely to be infected by run-of-the-mill malware variants than any top-secret targeted campaign.
Just as zero-days are frightening but less common than known vulnerabilities, these malware samples showed that IT in general needs to be on the lookout for known threats.
That’s not to say ordinary malware isn’t as dangerous as specially crafted variants. An infection can open the door to any number of adverse effects.
Any amount of information gleaned from an attack could be used later for a truly devastating one, such as taking down services or machines through a cyber attack.
Best bet: Before worrying about “the big one,” make sure you have protections in place to catch the little intrusions, including automatic processes and a robust user security training program.