Why attacks on critical infrastructure are dangerous
Attacks on critical infrastructure could eventually devastate the livelihoods of millions of people and even bankrupt companies.
Critical Infrastructure (CI) comprises physical and cyber assets that are vital for the smooth functioning of societies and nations across the globe. The sectors that make up critical infrastructure differ from one country to another. The disruption or damage of CI can have severe direct and indirect effects.
So far, most attacks on critical infrastructure have been carried out by cybercriminals seeking cryptocurrency payouts. But what happens if a threat actor has plans beyond a quick payday? What if an attack creates chaos by eliminating critical infrastructure to harm a region or country?
Attacks on CI could eventually devastate the livelihoods of millions of people and even bankrupt companies. Experts listed cyberattacks on CI as a top concern in 2020. This trend is estimated to persist into and beyond 2021.[1] In the interest of national and global security, CI facilities must take proper measures to prevent threat actors from accessing their networks.
Attacks are widespread
Attacks on CI are becoming increasingly common topics of discussion on news channels as highly publicised cases, such as those mentioned below, rattle businesses and communities. It’s a scary situation and emphasises how prepared you should be.
Colonial Pipeline
In May 2021, the mammoth pipeline system for refined oil in the US, Colonial Pipeline, was hit by a cyberattack that stemmed from a single compromised credential. The result? Colonial Pipeline’s fuel distribution to the East Coast of the US was shut down for nearly a week.
JBS SA
The largest meat processing company globally, JBS SA, fell victim to a cyberattack a few weeks after the Colonial Pipeline breach. The attack forced the company to halt production at its U.S. beef plants while operations in Australia and Canada were also hit.
The Health Service Executive (HSE) Hack
The HSE (Ireland) shut down its IT systems temporarily following a cyberattack. This CI attack is disturbing because it happened during the pandemic when health systems were buckling.
Other well-known cases include the attacks on NSW’s State Transit Authority (Australia), Israel’s Water Authority, and Air India.
Know the threat actors
To avoid the unpleasant experience of a CI attack, here are some major threats to prevent:
- Phishing – Experts have estimated that an alarming 75% of organisations in the U.S. experienced a phishing attack in 2020.[2] Phishing through email occurs when malicious actors masquerading as genuine senders lure users into sharing credentials and sensitive information.
- Unpatched vulnerabilities – Unpatched vulnerabilities let cybercriminals run malicious code by exploiting a bug for which the fix has not been applied. In 2020, about half of CI operators reported unpatched vulnerabilities as the cause of cyberattacks.[3]
- Distributed Denial of Service (DDoS) – A DDoS attack on your network or server will overwhelm it with traffic, thus disrupting the service. A recent study reported over 2.9 million DDoS attacks in the first quarter of 2021. Compared to 2020, that is an increase of over 30%.[4]
- SQL injection – SQL injection is an attack vector in which malicious SQL code is injected into a vulnerable application's database queries, and it can even destroy databases. Over 30% of CI operators reported SQL injection as the cause of a breach.[3]
- Cross-site scripting – Also known as XSS, cross-site scripting is a method of executing malicious scripts on a legitimate website. Almost 20% of CI operators reported falling for this attack vector.[3]
How to tackle these attacks
Secure remote access
Remote access, if not secured, could provide a freeway for cybercriminals. It’s vital to have network firewalls, endpoint protection, and good password hygiene.
Create asset inventory
You can’t protect what you don’t know needs protection. That’s why it’s essential to have an asset inventory. With an updated inventory of all your network assets, you can implement strategies to ramp up security.
Identify and patch vulnerabilities
Many Operational Technology (OT) and IoT devices within industrial networks aren’t secure enough to be part of a critical infrastructure environment. By deploying tools to identify system vulnerabilities, it’s possible to find risky devices, sort them based on their level of risk and then recommend firmware updates.
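The inventory-then-triage workflow described in the two sections above can be sketched as follows. This is an added example, not a tool referenced by the article; the device names, models, firmware versions, advisory data and the scoring formula are all constructed assumptions.

```python
# Constructed sample data: device names, models, versions and scores are
# illustrative assumptions, not real products or advisories.
INVENTORY = [
    {"name": "plc-pump-01", "model": "PLC-A", "firmware": "2.4.1", "remote": True, "criticality": 5},
    {"name": "hmi-ctrl-02", "model": "HMI-B", "firmware": "1.9.0", "remote": False, "criticality": 4},
    {"name": "cam-gate-03", "model": "CAM-C", "firmware": "3.0.2", "remote": True, "criticality": 2},
    {"name": "hmi-ctrl-04", "model": "HMI-B", "firmware": "unknown", "remote": False, "criticality": 5},
    {"name": "plc-pump-05", "model": "PLC-A", "firmware": "2.10.0", "remote": True, "criticality": 5},
]
# Hypothetical advisories: first fixed firmware version and severity (0-10) per model.
ADVISORIES = {
    "PLC-A": {"fixed_in": "2.10.0", "severity": 9.8},
    "HMI-B": {"fixed_in": "2.0.0", "severity": 7.5},
    "CAM-C": {"fixed_in": "3.0.0", "severity": 6.1},
}

def parse_version(text):
    """Return a tuple of ints so 2.10.0 sorts after 2.4.1; None if unparseable."""
    try:
        return tuple(int(part) for part in text.split("."))
    except ValueError:
        return None

def triage(inventory, advisories):
    """Return findings for devices that need a firmware update, highest risk first."""
    findings = []
    for device in inventory:
        advisory = advisories.get(device["model"])
        if advisory is None:
            continue  # no known advisory for this model
        current = parse_version(device["firmware"])
        fixed = parse_version(advisory["fixed_in"])
        if current is not None and current >= fixed:
            continue  # already on a fixed release
        # Assumed scoring: severity x criticality, doubled when remotely reachable.
        score = advisory["severity"] * device["criticality"] * (2 if device["remote"] else 1)
        action = f"update firmware to {advisory['fixed_in']} or later"
        if current is None:
            action = "confirm installed firmware version, then " + action  # unknown = at risk
        findings.append({"name": device["name"], "score": round(score, 1), "action": action})
    return sorted(findings, key=lambda f: f["score"], reverse=True)

if __name__ == "__main__":
    for finding in triage(INVENTORY, ADVISORIES):
        print(f"{finding['score']:6.1f}  {finding['name']:12}  {finding['action']}")
```

Versions are compared as integer tuples because a plain string comparison would rank 2.10.0 below 2.4.1, and a device whose firmware version is unknown is kept on the list rather than assumed safe.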
Detect anomalies
Automated detection solutions backed by artificial intelligence can easily track anomalies and other minor suspicious changes within the network.
Managing all these single-handedly may seem like a tedious process, but we can take all the hassle away and help you ramp up your business’ security posture. Contact us to learn more about protecting your critical infrastructure.
Sources:
1. 2020 Global Risks Report, WEF
2. Statista
3. Cipsec.edu
4. DarkReading