7 Threat Trends from the 2022 RSA Conference

Back in 2016, attackers believed to be associated with Sandworm, a Russian hacking team, used malware dubbed “Industroyer” to break into a Ukrainian electricity provider and knock out power to portions of Kyiv. 

“If you go back to 2016 and look at the research we published then, one of the comments that our researchers made was that it feels like somebody was trying to prove the concept that they could do this,” recalls Tony Anscombe (pictured), chief security evangelist at ESET. 

Sure enough, this April, about two months after Russia launched its invasion of Ukraine, Sandworm attempted to shut down that country’s power grid using an updated version of Industroyer. The attack was thwarted, but Anscombe is uneasy about the future just the same. Half Moon Bay, Calif., where he lives, is served by the Coastside County Water District.

“It's a small regional water provider which, in my view, lacks technology experience,” he says. 

And it’s not alone. “There’s 50,000 water utility companies here in the U.S.,” Anscombe observes. Some of them are big organizations in big cities with the skill sets and resources to handle an Industroyer-style incident. Most of them, however, are SMBs like Coastside with questionable security measures in place and little to no security expertise in house. 

“I think that’s a specific issue, because they don’t have those skill sets and resources,” Anscombe warns.