A recent article discusses how Triton, a particularly devastating form of malware, is taking down safety systems in critical infrastructure. This malware destroys key mechanisms that act to stop catastrophes such as power plants blowing up, nuclear plants from melting down… And now Triton-based hackers are targeting the U.S. In the past, when dealing with U.S.-based utilities, we discovered that the backup plan for most critical systems is to build a replicate of the primary and then failover to that backup if the primary fails. When asked what happens if the backup fails, the engineers raised their hands in the air and said that nobody knows… Given that the backup would have the same exploitable gaps, going to the backup – at best – merely slows down the impending disaster. At best because, in reality, the backups will also already be infected and will simply cascade the disaster. So what to do?
Stop The Spread
We are sure that some Very Smart People are working on overcoming Triton and that, eventually Triton will be full eradicated. Most likely in time for the next malware versions to attack. Of course, killing off malware is essential but there needs to be something better. Alongside killing off malware, security systems have to stop the proliferation of malware within an enterprise. If the malware gets into one device – and humans will ensure that malware ALWAYS gets into one device – but cannot spread to any other device then the amount of damage is greatly limited. Triton did not directly access critical infrastructure – it was carried in through an end user’s computer, laptop or phone. Keeping those exposed devices from allowing malware to spread is essential for fighting proliferation. To do this, security systems have to move from access control into communications control. Right now, any two devices that have no shared resources can still talk with each other. Think about that for a minute. There is no reason that a user’s phone should talk with a mission-critical server as no resources are shared. Despite the resource control, malware on that phone can talk with the server all day…and efficiently spread… That is nuts. Controlling communications stops the spread of malware – no matter what version of malware is attacking.