Thursday, December 13, 2018

European SCADA systems hit by cryptojacking hack

This month a European water utility found its SCADA/ICS equipment had been compromised in a cryptojacking attack. The mining attack, which happened at an unspecified utility facility, was discovered after three weeks by a security firm and likely stemmed from an operator opening a phishing email.

Cryptojacking is the process by which malicious actors install code on the user’s computer, either through a website or a phishing email. This code then uses compute cycles to perform the complex mathematical computations necessary to mine cryptocurrency, degrading server speed. In this case, the hackers were mining Monero, a notably private and untraceable form of digital currency. This type of attack has gained popularity lately, owing partially to a higher success rate than ransomware payouts.

Tempered Networks can utilize zero trust protocols and microsegmentation to head off such attacks before they start. Within a flat network, such as the one above, bad actors can traverse networks once they gain access at any endpoint. A zero trust protocol requires mutual authentication before any communication can take place, leaving malware unable to operate. Microsegmentation further restricts communication between devices to the network segments that are specifically allowed.

