The next target of hackers for ransomware could be water treatment plants. A new form of ransomware has been developed by scientists that can take control of a water treatment plant. The simulation was to show how hackers may manipulate the amount of chlorine added to water and display incorrect readings after gaining access to such management systems.
The attack was designed to highlight vulnerabilities in the system that is used to operate industrial facilities such as manufacturing plants and water and wastewater treatment facilities.
Though no real ransomware attacks have been publicly reported on industrial control systems, these attacks have become a significant problem for patient data in hospitals and customer data in businesses. Attackers initially get access to these systems and encrypt data, subsequently demanding a ransom to provide the encryption key.
What is Ransomware:
Ransomware is a type of malware that prevents users from accessing their system. This is achieved by either locking the system or by locking the user files, till a ransom is paid. Modern ransomware techniques which are collectively categorized as crypto-ransomware, encrypt certain file types on infected systems and force the user to pay ransom through certain online payment methods to get a decryption key.
Ransomware Infection:
There are a variety of ways in which users may encounter this threat. These include:
- Ransomware can be unknowingly downloaded on systems when users visit malicious or compromised websites
- It can also arrive as a payload which is downloaded by another malware
- Some ransomwares are delivered as attachments from spammed emails, downloaded from malicious advertisements or dropped by exploit kits on vulnerable systems
- Once executed in the system, ransomware can either lock the computer screen or in the case of crypto-ransomware encrypt certain files.
Ransomware is also considered scareware as it forces users to pay a fee or ransom by scaring or intimidating them.
Challenges that need to be overcome:
Lack of strong security protocols. Many industrial control systems lack security protocols as they have not been targeted so far and their operators do not understand the extent of their vulnerabilities. However, most of these devices are located behind business systems that provide them with some level of protection, until they are compromised. Along with this, weak passwords and security policies can increase the vulnerability of the system.
Steps that will help overcome a ransomware attack:
- Create multiple backups of data, on an external hard drive and on cloud
- The applications on my computer are not turned on by default.
- Operating system and the software used are updated with the latest security updates
- For daily use, a guest account instead of an administrator account with limited privileges should be used
- Never open spam emails or emails from unknown senders
- Never download attachments from spam emails or suspicious emails
Paying ransom does not give a guarantee that the criminals at the other end will give you the decryption key. And even if they do that, this would lead to a vicious cycle of cyber-crimes.