US Hit Hard by WannaCry Ransomware

May 18th, 2017 by admin Leave a reply »

A Department of Homeland Security official mentioned that WannaCry ransomware campaigns affected some U.S. critical infrastructure operators. It also mentioned that there are no victims in U.S. federal government.

Dragos CEO Robert M. Lee mentioned that his company is “aware of infections that occurred in the industrial control system community and had impact,” including small utilities and manufacturing sites in the United States — though he said “no one’s been hurt and no safety was at risk.”

PAS Global CEO Eddie Habibi mentioned that companies that depend on industrial control systems (ICS) are put on high alert.

“In a corporate IT network, cyber security professionals have the option of isolating traffic or entire systems if they are compromised,” Habibi said. “Personnel can also apply patches in real time with confidence that patching will not impact system performance.”

“Those systems may have primary responsibility for controlling volative processes or ensuring worker and environmental safety,” Habibi said. “System uptime is paramount.”

“Real-time patches are also no-nos within a facility’s network,” Habibi added. “First, any Microsoft patch must have ICS vendor approval before application. Even with approval, patching typically occurs during maintenance windows and turnarounds when systems are offline — something that may occur only once or twice per year.”

Patches can’t be applied if there are chances of process disruption.

“In these cases, asset owners may place additional security controls in front of the unpatched system to mitigate risk,” Habibi said. “This assumes that there is a closed-loop, enterprise-wide patch management process in place that can evaluate the steps required to mitigate risk; many companies are missing this capability.”

Microsoft has released patches for security but it is not enough for limited ability work force of critical infrastructure.

“As we watch WannaCry continue to proliferate and see new variants spring up, the risk to industrial process facilities remains high,” he said.

Langner founder and CEO Ralph Langner mentioned that the abled attacker could hit industrial targets and force a production halt. “We haven’t seen that on a large scale yet, but I predict it’s coming, with ransom demands in the six and seven digits,” he said.

____________________________________________________________________________________________

The Alertsec service protects everything stored on the computer such as Word, PowerPoint, Excel, Outlook, Gmail, Photos, Credit Card data files etc.

Leave a Reply