Long-feared news in our industry broke this month when a cyberattack indirectly caused somebody’s death. A woman requiring medical attention died because Düsseldorf University Hospital, which had suffered a ransomware attack, couldn’t accept her, meaning she was re-routed 30km to a facility in neighboring Wuppertal. The hospital blamed a vulnerability that attackers had leveraged in its commercial software, reinforcing the criticality of patch development and deployment.
Surprisingly, this is the first reported death indirectly caused by a cyberattack, though it’s unlikely to be the last. The 2017 WannaCry ransomware attack could have easily led to loss of life for instance, as it infected hundreds of thousands of computers globally within hours of execution. No target was off limits and the UK’s National Health Service (NHS) was pushed offline, causing nationwide panic. Such an attack during the current pandemic could put hundreds, if not thousands, of lives at risk, with hospitals struggling to cope with the huge influx of patients. That’s not to say COVID-19 hasn’t drawn attacker attention though: the UK is almost certain that Russian hackers tried to steal its vaccine research, knowing the pioneering nation will prosper.
The travel industry is also vulnerable, and several warning shots have already hit the headlines. WannaCry targeted railway company Deutsche Bahn, for example, throwing German train stations into chaos as the ransomware usurped public information monitors. In 2018, attackers blacked out flight information screens at Bristol Airport, meaning staff had to replace digital screens with whiteboards and marker pens. More recently, the WastedLocker strike on Garmin caused headaches for pilots who couldn’t download a version of the company's aviation database on their airplane navigational systems. The Garmin Pilot app used to schedule and plan flights was also downed. These are fairly novel instances of travel disruption – but the potential for more severe consequences is there.
The threat of cyberattacks on infrastructure is most concerning. Nation-state attackers can wreak havoc by targeting nuclear power plants or water treatment facilities, and such attacks are on the rise. A survey of security professionals working across utilities, energy, health, and transport found 90% had been hit by at least one successful attack. In 2009, Stuxnet malware hindered Iran’s nuclear enrichment program, while last year India's Kudankulam Nuclear Power Plant was hacked using targeted malware. In July Israel announced that two cyberattacks had been carried out against its water infrastructure (though neither were successful).
Politics too is affected: this year Chinese state-sponsored hackers broke into the Vatican’s networks to spy in the build up to negotiations about the status of churches in China. Meanwhile, the UK said it believed Russia had tried to interfere in its 2019 general election by stealing and leaking documents related to the UK-US Free Trade Agreement.
Clearly cyberattacks do more than damage bank accounts and reputations. There is a genuine growing threat to society and its infrastructure, so to assume ‘it won’t happen to us’ is no longer viable. Every organization should prepare for the worst, and it’s this thinking that led Immersive Labs to create the Cyber Crisis Simulator, which allows you to test human readiness without resource-intensive physical tabletop exercises. Entirely browser based, it challenges teams to make critical decisions when dealing with emerging incidents such as ransomware outbreaks, insider threats, data breaches and spear-phishing attacks. It works on the principle that simulations are the best way to equip your people – practical exercises that build muscle memory in preparation for the real thing.
You cannot predict or stop a cyberattack, but the difference between a coherent and a chaotic response could be huge. If you would like to learn more about the simulator and see it in action, join our next webinar on 7th October – it’s set to be a good one!
28 September 2020
Latest Blog posts
One-day exploit party with SaltStack
2 March 2021
Why so salty? Local privilege escalation on SaltStack minions
26 February 2021
Diverse organizations build high-performing crisis response teams. Here’s how.
24 February 2021
New package management flaw: dependency confusion
22 February 2021
Being out in the workplace: Why being open matters
15 February 2021
The digitalization of kidnap and extortion: a modern business dilemma
11 February 2021