UPDATED 21:06 EDT / OCTOBER 13 2021

SECURITY

Homeland Security secretary warns ‘killware’ is the next big cyber threat

U.S. Department of Homeland Security Secretary Alejandro Mayorkas is warning that the next big cybersecurity threat is killware, and it could indeed end up killing people.

Mayorkas (pictured) identified killware as a serious risk in an interview with USA Today Tuesday, citing the case of an attack on a water treatment facility in Florida in February. That attack involved an unknown hacker remotely accessing a water treatment plant in Oldsmar, Florida, and attempting to poison the water supply by increasing the sodium hydroxide to toxic levels.

Sodium hydroxide, also known as lye and caustic soda, controls water supply acidity and removes heavy metals from water. In very small doses, it’s fine, but in high doses, it can range from skin irritation to potential death from causing severe burns.

Mayorkas argued that the Colonial Pipeline attack distracted many people from the far more egregious attack. “The attempted hack of this water treatment facility in February 2021 demonstrated the grave risks that malicious cyber activity poses to public health and safety,” Mayorkas said. “The attacks are increasing in frequency and gravity and cybersecurity must be a priority for all of us.”

According to Mayorkas, the attack in Florida was one of many indications that hackers are increasingly targeting critical infrastructure. Attacks on hospitals and water supplies to banks, police departments and transport, could injure or even kill people, Mayorkas noted.

Attacks on hospitals have been a dime a dozen over the last few years, but only one so far is known to have indirectly resulted in a fatality. In September 2020, a German woman died after being diverted from a hospital that had suffered a ransomware attack.

Mayorkas isn’t the first to highlight the risk. In July, a report from Gartner stated that there is evidence of increasingly debilitating and dangerous attacks to expect that by 2025, “cyber attackers will have weaponized operational technology environments to successfully harm or kill humans.” Gartner also estimates that the costs of attacks resulting in fatalities could reach $50 billion by 2023.

“This is an alarming development, but not entirely unexpected,” Jack Chapman, vice president of threat intelligence at data security firm Egress Software Technologies Inc., told SiliconANGLE. “Malware, including ransomware, is a fast-growing criminal market and over time, it’s inevitable that we’ll begin to see increasing numbers of so-called ‘killware’ attacks aimed at crippling infrastructure. In some cases, the motive of the attackers is more sinister than simply financial gain – they want to cause harm.”

Photo: World Travel & Tourism Council/Wikimedia Commons

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU