The cyber threat hunters had honed their chops at the National Security Agency - the world's premier electronic spy agency. And last fall, they were analyzing malware samples from around the world when they stumbled across something highly troubling: the first known piece of computer software designed to kill humans.
The researchers, who launched their own firm several years ago, determined that the malicious computer code was created to sabotage a safety system whose sole purpose is to avert fatal accidents. When the system fails, the chance of a deadly accident - in this case, in a petrochemical plant - greatly increases.
“The only purpose of these safety systems is to protect human life,” said Robert M. Lee, co-founder of Dragos, who conducted cyber operations for the NSA and U.S. Cyber Command from 2011-2015. “The only reason to sabotage them is to kill people.”
Cybersecurity company thwarts attempts to sabotage industrial safety software.
Dragos, based in a techno-hip warehouse in Hanover, Maryland, is at the forefront of a new line of business for cybersecurity firms. It focuses on industrial control systems - the machines that make oil, gas and electricity flow; pump water and create chemicals.
A larger and better-known cyber firm, FireEye, also independently identified the potentially deadly malware. Yet the obscure start-up is the only company so far to have identified two separate strains of malware that were built to damage or destroy industrial control systems. Several U.S. and Western government agencies have turned to Dragos for analysis and insights on control system attacks.
Lee, 30, and his two Dragos co-founders - Jon Lavender and Justin Cavinee - gained crucial experience at the NSA, which employs a corps of highly skilled cyber operators. But after several years working at the NSA in industrial threat detection, they realized that gathering exquisite intelligence on adversaries who are bent on disrupting industrial control systems is one thing. Protecting the systems from those hacks is another.