Report Names Bentonite and Chernovite as Major Cybersecurity Threats
According to a new report from industrial cybersecurity firm Dragos, the threat of a cyberattack on U.S. utility infrastructure continues to grow, and two groups in particular – Bentonite and Chernovite – are major threats. Unfortunately, they are not the only threats, as the firm says it is tracking 20 “activity groups” that are known to target a variety of industrial and utility sectors across the globe.
What Are Bentonite and Chernovite and Why Are They Dangerous?
Bentonite is focused on disrupting oil and gas companies, and the group is increasingly troublesome because it has demonstrated that it can take over a system’s command and control capabilities. Chernovite has developed an attack framework called “Pipedream” that targets industrial control systems, including those within the energy sector.
These and similar groups are becoming more sophisticated by the day, and the number of entry points they can target for an attack is growing exponentially thanks to the increasingly distributed nature of the grid. Even the North American Electric Reliability Corp. (NERC) highlighted the need for better cybersecurity in its annual report.
In terms of planning to respond to this and similar ‘cyber emergencies,’ the Dragos report recommends starting with a single scenario, whether it be Bentonite, Chernovite, Erythrite, or some other bad actor, and creating a response plan specific to that scenario. Then train employees on that scenario and practice the plan in a tabletop exercise before broadening it to encompass other scenarios.
The good news is that the Dragos report said that electric utilities showed the most preparedness for a cyberattack, followed by oil and gas companies. But this doesn’t mean that electric utilities should rest on their laurels – given that hacking tactics are constantly evolving, utilities must continuously evolve their cybersecurity plans as well. Simply put, for every Bentonite and Chernovite that gets shut down, another dozen will pop up in their place.