Blended Threats: That Time When Ransomware Shut Down Border Security…

Covering a security incident in Argentina, on 06 September, Lawrence Abrams (BleepingComputer) wrote, “Argentina’s official immigration agency, Dirección Nacional de Migraciones, suffered a Netwalker ransomware attack that temporarily halted border crossing into and out of the country. While ransomware attacks against cities and local agencies have become all too common, this may be a first known attack against a federal agency that has interrupted a country’s operations.” Abrams continues, “According to a criminal complaint published by Argentina’s cybercrime agency, Unidad Fiscal Especializada en Ciberdelincuencia, the government first learned of the ransomware attack after receiving numerous tech support calls from checkpoints at approximately 7 AM on August 27th.”

At Gate 15, we spend a lot of time discussing Blended Threats. A Blended Threat is a natural, accidental, or purposeful physical or cyber danger that has or indicates the potential to have crossover impacts and harm life, information, operations, the environment, and/or property.

As our world gets increasingly connected, the potential of disruptive cyber attacks causing physical impacts also increases. And as ransomware threats continue to pursue ways to attack and pressure targets into making payments quickly, causing physical disruptions will become increasingly appealing (see our 11 Aug post “Blended Threats: Holding Buildings Hostage” for more ideas).

See the complete post, “Netwalker ransomware hits Argentinian government, demands $4 million,” to learn more about this attack and Netwalker, one of the very many ransomware threats currently impacting organizations worldwide. And follow BleepingComputer for great day-to-day ransomware threat awareness.

As this and other attacks continue across critical infrastructure, non-profits and other targets, our team at Gate 15 continues to apply our threat-informed, risk-based approach to analysis, preparedness and operations. Among other activities, we use that approach to develop client analysis and through preparedness activities, including a current series of workshops with focus on a threat scenario exploring organizational response to a ransomware attack causing physical impacts.

As the environment changes, our preparedness activities need to keep pace. Is your incident response plan ready for the threat of ransomware, for blended threats, and for other evolutions in our all-hazards threat environment? Our team is ready to help you develop the plans, training and exercises you need to be ready. During this National Preparedness Month, maybe it’s a great time to take the next step in your organizational preparedness.

In a post earlier this month, the DHS Cybersecurity and Infrastructure Security Agency (CISA) wrote CISA “recommends users and administrators use this month as an opportunity to asses cybersecurity preparedness for cyber-related events, such as identity theft, ransomware infection, or a data breach.” We agree. Let’s get started.

Understand the Threats. Assess the Risks. Take Action.

Understand the threats! Subscribe to our free daily paper and subscribe to our podcasts!

Take action! Our team is here to help you build the relationships and capabilities you need and to assist in the development of plans, training, and exercises to support your ability to prevent, protect against, mitigate, respond to, and recover from the threats and hazards that pose the greatest risk to your organization in our complex, all-hazards environment.