New malware threat is directed towards the energy sector

New malware is targeting energy facilities in the U.S., including liquefied natural gas plants.

US federal agencies warned hackers were targeting the business sector using malware that can lead to ransomware attacks - © AFP
New malware was reportedly designed to target energy facilities in the U.S. This includes the possibility of the malware being directed towards liquefied natural gas plants in particular.

The possibility was explored during a recent 60 Minutes interview with CISA Director Jen Easterly on U.S. television. The interview also explained how Russian state actors are systematically scanning, probing, looking for opportunities.

Reacting to this, cybersecurity evangelist and privileged access management expert Raj Dodhiawala, president of Remediant, says the possibility of such an incident is terrifying.

Dodhiawala explains that taking over Supervisory Control and Data Acquisition (SCADA) systems is terrifying and could allow cybercriminals to inflict detrimental damage.

Dodhiawala also acknowledges the recent notifications from U.S. federal agencies concerning how hackers have developed new tools allowing them to “gain full system access” to multiple industrial control devices.

Dodhiawala tells Digital Journal the risks presented to the energy sector: “Attacks targeting the industrial control systems have the potential to be devastating. What’s concerning about this type of malware is that it creates a new administrator account when it’s attacking a system — specifically industrial control systems.”

Outlining the specific modes, Dodhiawala says: “Establishing administrator or system permissions allows the attacker to compromise other accounts that log into the system. The attacker can then move laterally through the environment.”

What follows is quite dangerous, says Dodhiawala: “Once cyberattackers get a toehold on any system, elevating privileges and moving laterally to find crown jewels become relatively straightforward. And, fixing the vulnerability is more difficult and disruptive after the fact, rather than being proactive to prevent the attacks.”

Dodhiawala then asks what this means for organizations. In answering this, Dodhiawala explains: “The majority of today’s attackers accomplish their mission by leveraging privilege (or admin) account sprawl — a very large attack surface. CISA’s memorandums distinguish between authentication and authorization, but it does not go far enough to establish layered protection, which will prevent attackers from gaining any elevated privileges.”

Dodhiawala adds: “This includes protecting admin authorization, and protecting organizations against the discovery of admin credentials, hashes or secrets from inside the network. Either way, organizations need to take this seriously and not delay.”

Dodhiawala concludes with a stark warning: “I cannot urge this enough — listen to the CISA and other federal agencies. This is not an exercise, it’s real.”

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.
