Ransomware hackers targeted 3 U.S. water systems in 2021

Image for the article titled Ransomware Hackers reportedly targeted three different U.S. water systems this year alone

photo: Justin Sullivan (Getty Images)

Ransomware gangs targeted several water facilities in the United States this year, according to a new government report. The news represents a frightening escalation in cybercrime and shows that hackers are increasingly willing to risk human lives for the sake of money.

A joint advisory, released Thursday by the Cybersecurity and Infrastructure Security Agency, the FBI, the NSA and the Environmental Protection Agency, revealed three previously unknown incidents of malware attacks on water systems across the country. Most of the incidents in recent months have occurred unnoticed by the public, according to the report.

The incidents began in March when an unnamed water facility in Nevada was infected with an “unknown” variant of ransomware. the report says. The malware affected the facility’s surveillance and data collection system, or SCADA– the central operational IT, which is usually used by large companies to remotely monitor and manipulate industrial systems. The malware also affected the facility’s backup system.

Months later, in July, a similar incident occurred in Maine where malicious actors misused remote access tools to unleash ransomware on another facility’s SCADA. Another incident occurred a month later, this time in California, where water utility workers discovered digital ransom notes on multiple servers. Similar incidents reportedly occurred at plants in New Jersey and Kansas in 2020 and 2019, the report said.

According to the report, these systems may have been compromised by a number of rudimentary security schemes or penetration techniques. Spear phishing against facility employees, targeting “unsupported or outdated operating systems and software”, and exploiting control systems that are loaded with vulnerable firmware are all avenues of entry, according to the report.

Improper manipulation of the technical equipment in water systems could, in some cases, effectively poison a water supply. For example, an incident earlier this year in Oldsmar, Florida., saw an unknown hacker hijack the city’s water system and raise its sodium hydroxide levels to toxic levels. The incident was never fully resolved.

Ransomware, which has existed for decades, has become an increasingly destructive force both in the US and around the world. A virtual meeting of the White House on Tuesday that senior officials from up to 31 different countries came together to discuss the ransomware threat and what steps could be taken to advance an internationally coordinated approach to address it.

On Friday also the Financial Crimes Network (FinCEN) of the US Treasury Department published a report shows the extent to which the ransomware industry has flourished in recent years, with much of its growth apparently being driven by cryptocurrencies. According to the report, investigators uncovered approximately $ 5.2 billion worth of Bitcoin payments that are “potentially linked to ransomware operations.” That’s a lot of malware.


About Author

Leave A Reply