When we think about cyberattacks and malicious hackers, we often think in terms of our own personal lives and our own organizations. In my experience in cybersecurity, I often hear people say “Why would hackers target me? We are too small” or “I’ve never been affected by a cyberattack, so it’s not really something I’m interested in.”

The reality is that cybercriminals may be targeting you not because of your size but because of who your customers and clients are. Although you may not have noticed it, we are all affected by the increasing number of cyberattacks, the threat of which is only increasing.

Attacks on SCADA and CNI

We have long known that the possibility of attacks on Supervisory Control and Data Acquisition (SCADA) systems was a very real threat to our modern way of living. These systems routinely control how power, water, nuclear, manufacturing, and oil and gas are managed and distributed, forming part of our Critical National Infrastructure (CNI). Attacks on CNI are nothing new, and there are examples where these digital attacks have the potential of affecting our lives in very real ways.

Stuxnet

The Stuxnet worm raised the attention of every cybersecurity practitioner in the land. Almost like the plot line of a spy thriller movie, this computer worm, once installed on the network, sought out specific software on computers controlling programmable logic controllers (PLC). It was programmed to hide its presence as it caused the fast-spinning centrifuges to tear themselves apart, making it one of the first forms of malware which impacted the physical world. Stuxnet was highly effective in its targeting of control systems. It is thought to have infected over 200,000 computers and physically damaged 1,000 of them.

What is important to note is that, in order to get their weapon (Read more...)