Destructive Hacks Growing

Monday, April 13, 2015 @ 07:04 PM gHale


Looking at the petroleum industry, thieves were able to manipulate equipment in order to divert resources from a company.

While that attack never got big headlines in a newspaper or a report on CNN, it is becoming a bit clearer that hack attacks that destroy data rather than steal it or assaults that manipulate equipment are far more prevalent than widely believed, a new survey said.

RELATED STORIES
BYOD, Cloud Security Risk Growing
DDoS Attacks Less Frequent, More Complex
Detected Vulnerabilities on Rise: Report
Insider Threat a Security Imperative

The survey by the Organization of American States (OAS) found 40 percent of respondents had battled attempts to shut down their computer networks, 44 percent had dealt with bids to delete files and 54 percent had encountered “attempts to manipulate” their equipment through a control system.

On top of that, 60 percent of the 575 respondents said they had detected any attempts to steal data, long considered the predominant hacking goal.

By far the best known destructive hack attack on U.S. soil was the electronic assault last year on Sony Corp’s Sony Pictures Entertainment, which wiped data from the Hollywood fixture’s machines and rendered some of its internal networks inoperable.

Destruction of data presents little technical challenge compared with penetrating a network, so the infrequency of publicized incidents fell to a lack of motive for attackers.

Now that hacking tools are easily attainable, more criminals, activists, spies and business rivals are experimenting with such methods.

“Everyone got outraged over Sony, but far more vulnerable are these services we depend on day to day,” said Adam Blackwell, secretary of multidimensional security at the Washington, D.C.-based group of 35 nations.

The survey went to companies and agencies in crucial sectors as defined by the OAS members. Almost a third of the respondents were public entities, with communications, security and finance being the most heavily represented industries.

The questions did not delve into detail, leaving the amount of typical losses from breaches and the motivations of suspected attackers as matters for speculation. Respondents did not end up asked if the attempted hacks succeeded, and, additionally, some attacks could have occurred without their knowledge.

The survey did allow anonymous participants to provide a narrative of key events if they chose.

In addition to the petroleum industry case, Blackwell said one story of destruction involved a financial institution. Hackers stole money from accounts and then deleted records to make it difficult to reconstruct which customers were entitled to what funds.

“That was a really important component” of the attack, Blackwell said.

Blackwell said flat security budgets and uneven government involvement could mean criminal thefts of resources, such as power, could force blackouts or other safety threats.

Trend Micro’s Chief Cybersecurity Officer Tom Kellermann said additional destructive or physical attacks came from political activists and organized crime groups. Trend Micro compiled the report for the OAS.

“We are facing a clear and present danger where we have non-state actors willing to destroy things,” he said. “This is going to be the year we suffer a catastrophe in the hemisphere, and when you will see kinetic response to a threat actor.”

“Ransomware,” which encrypts data files and demands payment sent to remote hackers, could also fall under the heading of destructive, since it often leaves information unrecoverable.



Leave a Reply

You must be logged in to post a comment.