killware

September 2020 proved a grim milestone in cybersecurity: It was the time that a ransomware attack was directly attributed to a death. 

A woman in Germany experienced an aortic aneurysm and was rushed to a hospital. She was turned away due to a ransomware attack. The woman died while being transported to another hospital.

The idea of cyberattacks leading to actual physical harm or death was long thought of as more of a possibility than an actual threat. Recording-breaking DDoS and ransomware attacks have successfully disabled critical infrastructure and megabreaches have compromised the sensitive information of millions, but the damage has largely been online and data-based. Enter killware.

Killware is a blanket term for any number of cyberattacks that are targeted at killing or damaging the real-life health of targets. Unlike most other forms of malware, which are generally defined by their method, killware is defined by its end result.

Killware was used in the attempted hack of a Florida water treatment facility earlier this year. After entering into the plant’s poorly guarded system, a threat actor boosted the level of sodium hydroxide in the water by a hundredfold to lethal levels. The attack was fortunately immediately noticed by an operator, but if not for a quick response, the water supply of over 15,000 could have been poisoned by a relatively simple hack. The mode of attack was remote access software, but because of the target and goal, this falls under the rubric of killware.

The U.S. Department of Homeland Security has identified killware as a new cyberthreat more urgent than ransomware. It should be noted that it includes ransomware as a category and all other modes of attack that result in mortal danger. 

Government agencies, hospitals, and operators of critical infrastructure are being urged to maintain cybersecurity best practices, especially when it comes to systems where a successful attack could prove life-threatening. 

We’ve entered a new phase in cybersecurity that is literally life and death, where any number of hacks can be used for the very worst purposes. It’s never been more crucial to get your cybersecurity in order.