- A supposed “white hat” hacker gained access to the network of the Dallas Office of Emergency Management and managed to set off 156 sirens used to alert of an emergency
- Alarms blared for 90 minutes before the city was able to manually shut down the entire system.
- How does this continue to happen? Because the current method of stopping malware just isn’t working.
Malware happens. Just last week a supposed “white hat” hacker gained access to the network of the Dallas Office of Emergency Management and managed to set off 156 sirens used to alert of an emergency around the city. The alarms lasted for 90 minutes before the city was able to manually shut down the entire system. The worst part, this is not the first time the city of Dallas has been targeted by hackers. Last year several road construction signs were changed to read out political messages.
This type of attack on local and Federal governments is not new. In fact there was an attack last Thanksgiving weekend on San Francisco’s transit system where the attacker demanded $70,000 in Bitcoin. This forced the city to shut down the ticket systems allowing riders to commute for free costing the city substantial money.
Why does this keep happening?
In a world where we rely more and more on computer systems to protect, alert, and control everyday occurrences, how can this continue to happen? It happens because the current method of stopping malware just isn’t working. Most networks today rely on detection as a means of stopping malware.
However, detection means that it has to have been seen before in order to stop it. What if the Dallas Office of Emergency Management was “Patient Zero” for this attack? Great that AV vendors can now develop a method to stop it in the future, but damage was already realized.
A different security approach could have prevented this.
So what can be done to stop this in the future? The future of stopping malware is protection. The future of stopping malware is Application Isolation using hardware enforced virtualization.
Bromium has been preaching this since the company’s inception. Take a look at how virtualization-based security can stop your organization from setting off the emergency sirens.