Ransomware is the biggest problem in the present era.
Ransomware is now attacking every possible thing from a financial institution to hospitals, now it is turning more dangerous, a new malware is designed which can hack into any water supply industry and could poison it.
Researchers group from Georgia Institute of Technology have explored how Ransomware could attack industrial control system (ICS) and also demonstrated how actually malware can target core infrastructure.
What is Ransomware?
A simple definition is “a type of malicious software or a program developed to gain access to a computer system until a sum of money is paid by the legitimate owner “.
In their article “Out of Control: Ransomware for Industrial Control Systems”, the researchers demonstrated how they developed their own Ransomware that was able to hijack control of a water plant treatment and poisoned the water supply.
Statement — “We were able to simulate a hacker who had gained access to this part of the system and is holding it hostage by threatening to dump large amounts of chlorine into the water unless the operator pays a ransom. In the right amount, chlorine disinfects the water and makes it safe to drink but too much chlorine can damage your health.
The Ransomware was, presented at the 2017 RSA conference in San Francisco, allowed the researcher to alter the Programmable Logic controller(PLCs) – a tiny computer program that controls and supervise the Industrial Control System (ICS), Data Acquisition (SCADA).
This gives them the ability to shut valves and can control the amount of chlorine in water and can display false reading, it is not happening yet but can be done if no security measures were taken.
LogicLocker, the name of Ransomware developed by researcher targets three types of PLCs that are exposed online and infects them, thus giving them access to change the computer with a new password and locking the legitimate owners and asks for ransom money to unlock it. If the owner pays the ransom money, they get their control over PLCs back.But if not, then the hacker can malfunction that could potentially poison an entire city.
GIT researcher found over 1500 PLCs that were exposed online.
Statement — “There are common misconceptions about what is connected to the internet,” says researcher David Formby. “Operators may believe their systems are air-gapped and that there’s no way to access the controllers, but these systems are often connected in some way.”
Ransomware are attacking every infrastructure whether it is a financial institution or a educational institution for money which can cause havoc. So, it is time for industrial control system and SCADA to make their security more tighten by adding IDS(Intrusion Detection System), scanning for malware’s, firewalls, and limiting the connections.
Get more stuff like this
in your inbox
Subscribe Us And Get Latest Tech News, Hacking News, Science News, And Latest Gadgets News Directly Delivered To Your Inbox
Thank You For Subscribing. Verification Email Has Been Send To You. Please Verify !
Something Went Wrong.