The Physical Dangers of Malware and Viruses
Did you know not all malware and viruses are contained to the internet?
Now, to be clear, I’m not suggesting computer viruses can evolve into biological ones. However, there’s a pervasive belief among the general public that malware might screw up computers and destroy valuable digital assets but is otherwise harmless to real-world devices. That belief is simply wrong.
Malware is an umbrella term defined by the National Institute of Standards and Technology (NIST) as “a computer program that is covertly placed onto a computer with the intent to compromise the privacy, accuracy, or reliability of the computer’s data, applications, or OS.” It covers things like ransomware, spyware, adware, remote access trojans (RATs) and other types of malicious software (which is where the word comes from). There are many different classifications, but one thing that almost all of them share is that while they may cause emotional and often financial harm, they aren’t meant to cause physical harm. However, just because they’re rare and relatively unknown doesn’t mean there aren’t malware and viruses out there fully intended to cause physical damage.
In fact, malware that causes physical damage isn’t particularly new. Way back in the days of Windows 3.2 (we’re talking the mid-late ’90s here) there was a virus known as an ANSI bomb. All it did was set the 1st pixel on your monitor to bright white, then the 2nd, and so on until your screen was a solid, brilliant white. Of course, even back then computers were incredibly fast compared to humans, so this would all appear to happen instantaneously. In those days monitors still used cathode ray tubes, so the ANSI bomb would push the emitter up to maximum power. That didn’t normally happen during regular use, and often it meant that the monitor would burn out and effectively destroy itself, sometimes even catching on fire. Why someone would program such a thing we still don’t know. The original purpose could likely have just been a programming experiment (due to the simplicity), but once the idea got out there was no turning back.
A more recent example involves Stuxnet, a virus uncovered back in 2010. Stuxnet was unique because it was incredibly, unbelievably, precisely targeted at a single model of centrifuge that just happened to be used in the Iranian nuclear program of the time. Stuxnet turned off those centrifuges’ limiters, disabled their brakes, and spun them up to maximum power so they destroyed themselves (possibly in a spectacular and radioactive fashion if they happened to be filled with uranium at the time). There was no theft of information, no demands for money, and no discernible means of profiting, so most experts don’t believe it was created by a criminal organization. The hyper-specific nature of Stuxnet meant that if it ever escaped Iranian borders (which of course it did), the collateral damage would be minimal. Indeed, the specificity of the target, the complexity of the malware and its payload, and the resources required to produce it make many think it was a state-sponsored attack meant to sabotage the Iranian nuclear program.
Of course, that was then and this is now. The conflict between Russia and the Ukraine isn’t just happening in the real world (or meatspace, as we computer aficionados sometimes like to call it). It’s also happening in the digital world of cyberspace. As such, there has been a massive increase in the distribution of malware and viruses intended to cause physical damage. Remember, even if repairing the damage caused by such an attack is expensive, the overall purpose of these attacks isn’t financial. It’s to cause disruptions, and the lengthier the better, so damaging actively engaged equipment whose repairs are likely going to be both time-consuming and costly is the typical end goal.
Since the outbreak of the war, there’s been a massive increase in the occurrence of wipers and other malware designed purely to do damage and cause disruption within the Ukraine. The difference is the nature of what’s being targeted. It’s not some hyper-specific piece of hardware. It’s regular everyday equipment, the kind used day in and day out by you, me and all the people around us. While the target of these attacks has been primarily in the Ukraine, who’s to say how long that will continue? Some of the software will do cursory checks to try and confirm the region (comparing location settings and languages installed). While this may limit the damage, retooling these weapons to target another region is as easy as modifying a couple of lines of code. If there was ever a time to take a second, or third, look at your overall cybersecurity posture, it would be now.
Regular readers will know my love of Shakespeare, but even I often need to Google an appropriate line for each topic. This time though, I’ve got one that comes straight from memory, from one of his most famous works, Hamlet: “Is this a dagger I see before me? The handle toward my hand? Come, let me clutch thee.”
If you’d like to learn more about how malware and viruses can damage your business or organization, and how to combat them, contact one of TRINUS’s cyber security experts today and we’ll be happy to help out.
Courtesy your friendly neighbourhood cyber-man.