Unprepared organizations will have a wide (and often unmonitored) attack surface that can be targeted
by parasitic malware. They will see infected devices constantly running at full capacity, raising electricity
costs and compromising functionality. Systems will degrade, in some cases leading to unexpected failure
that halts critical services.
Every organization will be susceptible to parasitic malware. However, environments with high power
consumption (e.g. power stations, water and waste treatment plants and data centers) and those reliant
on industrial IoT (e.g. computerized warehouses, automated factories and smart cities) will become
enticing targets for malicious attackers as high-power consumption tends to mask the energy usage of
parasitic malware.
Organizations should start implementing suitable controls to protect against parasitic malware holistically
across the business, including areas that have ICS, IoT and cloud deployments.
Preparation Must Begin Now
Information security professionals are facing increasingly complex threats—some new, others familiar
but evolving. Their primary challenge remains unchanged; to help their organizations navigate mazes of
uncertainty where, at any moment, they could turn a corner and encounter information security threats
that inflict severe business impact.
In the face of mounting global threats, organization must make methodical and extensive commitments
to ensure that practical plans are in place to adapt to major changes in the near future. Employees at all
levels of the organization will need to be involved, from board members to managers in non-technical
roles.
The threats listed above could impact businesses operating in cyberspace at break-neck speeds,
particularly as the use of the Internet and connected devices spreads. Many organizations will struggle
to cope as the pace of change intensifies. These threats should stay on the radar of every organization,
both small and large, even if they seem distant. The future arrives suddenly, especially when you aren’t
prepared.
About the Author
Steve Durbin is Managing Director of the Information Security Forum (ISF). His main
areas of focus include strategy, information technology, cyber security,
digitalization and the emerging security threat landscape across both the corporate
and personal environments. Previously, he was senior vice president at Gartner.