New Cyberattack: What is Killware?

November 16, 2023
Access Tech: Are you protected?

Given the surge of incidents within the past decade, many people are becoming familiar with ransomware and data breaches. A new type of cyberattack known as killware has emerged in recent years, and it’s now a major security issue for organizations. But what is “killware”? 

Killware and industries that are vulnerable to these attacks 

Killware is a cyberattack that is deployed with the intent of producing real-life risk to communities through the manipulation of Operational Technology (OT). Killware attacks can be lethal or physically damaging to human life because they target critical infrastructure. 

As businesses continue to digitalize operations, threat actors will have more opportunities to execute killware attacks given their ability to access systems more easily. Hospitals, power grids, banks, police departments, etc. are considered primary killware targets because thousands of people can be put at risk.  

Killware vs. malware: What’s the difference? 

Different forms of malware are typically defined based on the tactic used (e.g., phishing or crypto jacking), whereas killware is defined by its ultimate outcome and any type of method that can be used in the execution process. Malware campaigns are for monetary gain, but killware attacks are designed to inflict physical harm on others. 

The future of killware 

Research by Gartner indicates that by 2025, cybercriminals will have the ability to “weaponize OT environments” to carry out successful killware attacks against humans. The firm also estimates that the cost of fatalities resulting from attacks will be over $50 billion by the end of 2023. 

Steps towards mitigating the impact of a killware attack 

  1. Deactivate and disconnect all OT devices from their power sources so that further damage does not occur.
  2. Factory reset your company’s devices to prevent the hacker from regaining access to them once they’re turned back on.
  3. Contact the manufacturer of the OT devices to report the incident. The supplier may be able to provide details for the replacement process. 

Reducing the risk of a killware incident 

As cyber criminals continue to perform killware attacks, it’s important for organizations to ensure that they’re protected against such occurrences. Contact us at Access Tech where we have been helping clients for decades defend their businesses from malicious actors.  

For more insights on this topic: