New type of cyberattack known as Killware

CIS1 20, Dec, 2023

Cybersecurity Threat Advisory

Given the surge of incidents within the past decade, many people are becoming familiar with ransomware and data breaches. However, a new type of cyberattack known as killware has emerged in recent years, and it’s now a major security issue for organizations. But what does the term “killware” actually mean? Let’s take a look:

Killware and industries that are vulnerable to these attacks

Security Magazine describes killware as a cyberattack that is deployed with the intent of producing real-life risk to communities through the manipulation of operational technology (OT). Put simply, killware attacks can be lethal or physically damaging to human life because they target critical infrastructure.

For example, suppose that a city’s public transportation system gets hacked, and services are halted. The transit company can handle the situation by fulfilling the attackers’ ransom request so that public safety isn’t endangered, but it’s likely that someone may get injured while the services are stopped.

As businesses continue to digitalize operations, threat actors will have more opportunities to execute killware attacks given their ability to access systems more easily. The U.S. Department of Homeland Security (DHS) suggests that hospitals, power grids, banks, police departments, etc. are considered primary killware targets because thousands of people can be put at risk. Essentially, highly networked industries and organizations are more susceptible to these types of attacks.

Killware vs. malware: What’s the difference?

Both killware and malware can seem fairly similar in nature, however, they’re different in terms of their end goals and the ways in which they are defined. Different forms of malware are typically defined based on the tactic used (e.g., phishing or crypto jacking), whereas killware is generally defined by its ultimate outcome and any type of method such as ransomware can be used in the execution process. In addition, most cybercriminals undertake malware campaigns hoping for monetary gain, but killware attacks are designed to inflict physical harm on others.