Killware is a type of malware that is being deployed with the sole intention of causing physical harm, even death. Cyber psychopaths deploying such malicious code have one goal – to case pure real-life destruction. Killware is a relatively new term that has been heavily mentioned in the media over the last couple of weeks. Experts believe that killware might be the next big cybersecurity threat as more critical infrastructure facilities become targets of bad actors whose actions to aim to cause real-life damage.
During an interview for USA Today, Alejandro Mayorkas, a U.S. Secretary of Homeland Security, said that ordinary consumers need to increase their cyber hygiene. He pointed out that work in many cases now is done from home, and the interconnectedness creates vulnerabilities that bad actors could exploit. While up until now, hackers have predominantly been focused on causing monetary damage, recent attacks on critical infrastructure confirm that more and more hackers are out there to simply cause harm. While financial troubles can be undone one way or another, the actions of cyber terrorists can be lethal and irreversible.
A good example is an incident that occurred in Florida earlier this year. The cybercriminals behind the attack used malicious code to tackle a water plant in Oldsmar, Florida. The sole purpose of the hacker who penetrated the system was to cause water contamination that could have harmed real people living in the sunshine state. Luckily, the attack was stopped before the water quality was affected. However, the attacker was never caught, and to this day, no one knows who was behind the attack. If the attack was successful – people could have gotten very hurt. What makes this particular attack scary is that the water facility was attacked purely to cause harm. There were no ransom requests.
Sadly, this attack is not a single incident. Last week government agencies revealed three additional cyber-attacks that were not reported until now. The incidents happened in 2021 and led to a joint cybersecurity advisory issued by four high-level U.S. security agencies – Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Agency (CISA), the Environmental Protection Agency (EPA), and the National Security Agency (NSA). The alert highlighted that known and unknown actors actively target the information technology and operation technology networks, systems, and devices operated by the U.S. Water and Wastewater Systems (WWS). Such actions threaten the ability of WWS facilities to provide drinkable water and could potentially cause real-life physical harm.
Homeland Security does not necessarily say that hackers are only after water facilities – the attacks are being aimed at other critical infrastructure providers such as hospitals, banks, police departments, transportation systems, etc.
Nevertheless, the upcoming boom of autonomous vehicles is also where killware could be heavily implemented. Security breaches could cause devastating results if cyber psychopaths somehow manage to control and steer cars into populated areas or incoming traffic. Even though they weren’t called killware, similar attacks have been identified going back to 2000. So far all attempts have been unsuccessful. However, Gartner’s statement that in less than 5 years Cyber Attackers Will Have Weaponized Operational Technology Environments to Successfully Harm or Kill Humans and the recent joint security advisory suggest that those threats are genuine and critical infrastructure operators must continue to be prepared to tackle killware as more attacks are likely on the way.