[By Rahul Kannan, President and Chief Operating Officer, Securin]
Critical infrastructure is facing a wave of cyberattacks, posing a severe threat to essential services across the United States and globally. The scale and frequency of these attacks have elevated defending infrastructure to a national priority, as emphasized by the White House’s National Cybersecurity Strategy. The urgency is underscored by recent incidents, such as the cyberattack on India’s Tata Power, impacting millions, and the data breach at Colorado Springs Utilities, exposing the personal information of 200,000 customers.
The consequences of these attacks reach far beyond compromised data; they extend to societal function. Critical service providers, including power companies and utilities, hold a wealth of sensitive data, from financial information to personal details. Breaches at these entities can lead to life-threatening situations with service disruptions and put individuals at risk of data theft. The interconnectedness of these systems means that a breach in one sector can have cascading effects, affecting public safety, national security, and economic stability.
Breaches: A Tier-One National Priority
Recognizing the gravity of the situation, the White House designated defending critical infrastructure as its foremost national security priority stating: “Defending the systems and assets that constitute our critical infrastructure is vital to our national security, public safety and economic prosperity”. This acknowledgment reflects the essential role these services play in our daily lives, from ensuring clean drinking water to safeguarding schoolchildren’s privacy.
In 2022, 106 U.S. state and local government entities reported ransomware attacks; 25% of the attacks resulted in data theft, putting citizens’ privacy and security at risk. Breaches like these can result from using old legacy systems, third-party applications, or internal exposure of vulnerable information that can inflict costly consequences.
The economic implications are equally significant, with attacks on governments and critical infrastructure causing disruptions that can take up to five months to fully recover. These disruptions can lead to operational technology shutdowns, outages, leakages, and even explosions, further highlighting the vulnerability of critical systems and the potential risks to citizens.
Increasing Threats Loom
The escalating threats to infrastructure are fueled by a combination of factors, including global economic downturns, geopolitical tensions, nation-state actors, and the pervasive rise of ransomware. Industries across the board are affected, within the past three years energy facilities have been the most targeted (39%), followed by critical manufacturing (11%) and transportation (10%). On the healthcare side, a recent report between Securin, Finite State, and Health-ISAC found an alarming 59% year-over-year increase in firmware vulnerabilities within connected medical products and devices.
Moreover, the tactics employed by cyber attackers are evolving. While phishing techniques remain prevalent, the integration of artificial intelligence is enabling more sophisticated and automated attacks, reducing the response time to defend against these attacks. The stakes are high, with utility companies facing 1,101 attacks every week (compared to 504 weekly in 2020), emphasizing the need for a proactive and comprehensive cybersecurity strategy.
CISOs Call for Collaboration
Chief Information Security Officers (CISOs) are at the forefront of this battle, tasked with safeguarding critical systems. With the average data breach costing $4.45 million, it is imperative for CISOs to plan and proactively increase their security posture prior to an attack. To tackle growing security threats, industrial control systems and operational technologies (ICS/OT) must be updated. CISOs, who spearhead essential and rapid security initiatives, should:
- Keep up to date with government advisories.
- Ensure all individuals across the organization know established security measures, have proper security training, and are following best practices.
- Patch high-risk vulnerabilities as soon as possible.
- Establish a comprehensive cybersecurity strategy.
- Allocate sufficient resources to develop a continuous threat exposure management (CTEM) program that regularly monitors your security status.
- Have a contingency plan for when your systems are under attack.
- Consider consolidating cybersecurity operations to reduce redundancy and their applications’ attack surfaces.
Solving the security problems within infrastructure will take commitment and dedication from CISOs and collaboration between both private and public entities. The White House made clear its financial and political commitment to update and strengthen America’s National Cybersecurity Strategy, so it is important for security leaders to uphold that pledge. By leveraging the expertise of security professionals, government entities can work more strategically to outpace the rapidly evolving tactics of cyber attackers.
In conclusion, defending the nation’s critical infrastructure is not just a priority; it is a must that demands commitment. From implementing proactive security measures to fostering collaboration between sectors, every effort contributes to the resilience of critical systems. Through information sharing, collaboration, and a united front against bad actors, the country can fortify the most sensitive systems and protect the foundation of society. No measure is too small when it comes to securing critical infrastructure and thwarting the evolving threats posed by cyber adversaries.