Every government depends on critical infrastructure to properly manage and safeguard its nation. Every asset, whether onsite or virtual, falls under this category, from energy to financial services to information technology. Protecting critical infrastructure has become difficult, and the stakes are high in the face of growing cyber threats. How dangerous can a cyber attack become? What possible outcomes are there? Through this example, you can clearly understand the deadly potential of a cyber attack on critical infrastructure.
In Feb 2021, one of these deadly cyber attacks hit the Oldsmar water plant in Florida. Hackers compromised the water plant's security system and obtained credentials, which they used to manipulate the acidity levels of the city's water. They raised the level of sodium hydroxide 100-fold, to a dangerous level. However, an employee foiled the attempt, and the water returned to the right pH balance. Still, the incident alarmed the relevant authorities and warned the world of the intensity of the cyber threats to come.
The question arises: how can countries protect critical infrastructure? Raising awareness and understanding the dynamics of critical infrastructure cybersecurity is an ideal start that can minimize the damage.
Promote a cybersecurity culture
Regardless of automation, humans are the driving force of critical infrastructure. They direct the system and perform the operations; sometimes, negligence and errors may lead to disasters. Interestingly, a lack of cybersecurity training and missing protocols are the primary factors behind most security breaches. Only 55% of professionals working in electric utilities have systems that are patched swiftly and systematically.
Every organization must ensure a state-of-the-art security setup with proper training of staff. When the cybersecurity of critical infrastructure is in question, safeguarding it is not the responsibility of the IT team alone. The entire workforce must adhere to the latest security protocols and polish its cybersecurity skills to play its part in mitigating security risks. At this point, cybersecurity experts with advanced qualifications, in collaboration with other departments, can foster a conducive environment in an organization.
Implement the security protocols
Most of the time, improper security measures give cyber criminals an edge in entering the critical infrastructure system. They sabotage security when doors are left wide open without security protocols. Every organization must ensure effective security protocols to ward off common threats.
These protocols can be as simple as setting and updating a strong password and as complex as encrypting data and communication across devices. Security Information and Event Management (SIEM) can prevent malicious attacks by monitoring access points and network traffic. In addition, multi-factor authentication (MFA) and up-to-date anti-malware software and firmware can also strengthen the security system.
A coherent Zero trust policy is a good way to practice the safety of critical infrastructure through restricted access to limited staff. Employ the latest cyber security trends, such as AI and ML, to improve security. At the same time, keep employees in the loop to stay updated with what to watch out for in the cyber world.
Improve physical and digital security
The security of critical infrastructure is not limited to digital assets and data centers. It goes beyond the networks and includes physical assets such as dam sites, nuclear and chemical plants, solar and wind energy sites, and many more. These sites can access the central network remotely, so vulnerabilities in the system can be leveraged through them.
Moreover, cybercriminals can tamper with and manipulate assets like smart meters and charging stations, which can impact customers. Utilities require protection at both physical and digital levels to avoid risks of disruption or complete shutdown of the system.
Ramp up the security of the physical and digital assets and implement effective and foolproof security policies. Use biometric verification and badging to allow physical access to critical sites. Apply multi-level security at entry points and limit access to only important staff. A round-the-clock tracking and monitoring system can be crucial in maintaining a safe environment for critical infrastructure.
The energy sector, especially electric and gas power companies, is the most vulnerable to cyber-attacks. Potential threats may impact the generation, transmission, distribution, and networking in these sectors resulting in disruption of supply and heavy financial loss.
In May 2021, cybercriminals infiltrated the digital systems of Colonial Pipeline with ransomware. They shut down the network of 55,000 miles of pipelines for several days and stole 100 gigabytes of data within two hours. The US government paid 5 million as a ransom to the attackers. Similarly, in May 2019, the government incurred an estimated loss of $18.2 from a ransomware attack on the city of Baltimore.
Communication is the key to addressing the rising challenge of cybersecurity worldwide. Critical infrastructure providers can collaborate to fight cyber threats. Starting from the inside lays the foundation for improved collaboration among teams and departments to stay updated on the latest vulnerabilities and solutions. Bridge the gap by employing a centralized cybersecurity team and empowering it to make decisions that can mitigate threats and attacks.
Manage an inventory of digital assets
Critical infrastructure consists of various devices, systems, networks, and physical sites. It is nearly impossible to secure every asset without a monitoring system. Organizations that fail to create an inventory and audit their assets, devices, and other network components become highly vulnerable to cyber-attacks.
Organizations can ensure the security of their critical infrastructure by knowing what they own and auditing their assets. Digital assets may include personal and mobile devices, third-party services, software and hardware, IoT, and a collection of networks and sites. Following the SolarWinds attack and others, Software Bills of Materials (SBOMs) empower organizations to see the internal components of software with greater transparency. It is a huge step forward in preventing cyber-attacks by removing vulnerabilities in the procurement of software.
Upgrade security of OT and IoT
Modern industrial units rely on many OT and IoT devices to ensure a seamless workflow and meet production targets. However, they are not well-designed to cater to the security requirements of critical infrastructure. Cybercriminals can penetrate the network through these devices, leading to high chances of breaches and security threats.
The National Vulnerability Database (NVD) can be used to identify the affected devices so that security measures can be updated accordingly.
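To make the inventory and SBOM passage and the vulnerability-database lookup above concrete, here is an added example (not from the original article) that joins a CycloneDX-style SBOM against an advisory list. The component names, versions and advisory ids are constructed placeholders, and the advisory list stands in for data an organization would pull from a source such as the NVD.

```python
import json

# Constructed CycloneDX-style SBOM for a hypothetical plant software bundle.
SBOM_JSON = """
{"bomFormat": "CycloneDX", "specVersion": "1.5", "components": [
  {"type": "library", "name": "plc-comm-lib", "version": "2.3.9"},
  {"type": "application", "name": "hmi-webserver", "version": "1.9.0"},
  {"type": "application", "name": "historian-agent", "version": "4.2.1"},
  {"type": "firmware", "name": "vendor-firmware-blob"}
]}
"""

# Constructed advisories (placeholder ids); "fixed_in" is the first safe version.
ADVISORIES = [
    {"id": "ADVISORY-PLACEHOLDER-1", "component": "plc-comm-lib", "fixed_in": "2.4.0"},
    {"id": "ADVISORY-PLACEHOLDER-2", "component": "hmi-webserver", "fixed_in": "1.10.0"},
    {"id": "ADVISORY-PLACEHOLDER-3", "component": "legacy-opc-bridge", "fixed_in": "3.0.0"},
]


def parse_version(text):
    """Turn '1.10.0' into (1, 10, 0) so that 1.10 sorts above 1.9."""
    return tuple(int(part) for part in text.split("."))


def affected_components(sbom_json, advisories):
    """Return (name, version, advisory id) for each SBOM entry that needs attention."""
    by_name = {}
    for adv in advisories:
        by_name.setdefault(adv["component"], []).append(adv)
    findings = []
    for comp in json.loads(sbom_json).get("components", []):
        version = comp.get("version")
        if version is None:
            # An entry without a version cannot be checked: an inventory gap.
            findings.append((comp["name"], None, "UNVERSIONED"))
            continue
        for adv in by_name.get(comp["name"], []):
            if parse_version(version) < parse_version(adv["fixed_in"]):
                findings.append((comp["name"], version, adv["id"]))
    return findings


if __name__ == "__main__":
    for finding in affected_components(SBOM_JSON, ADVISORIES):
        print(finding)
```

Comparing versions as integer tuples matters here: a plain string comparison would rank 1.9.0 above 1.10.0 and miss the second finding.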
Artificial intelligence also plays an integral part in the safety of IoT devices with automated identification of anomalies. It immediately notices any deviation from the standard parameters in the industrial process and fixes the system. In addition, AI anticipates future threats by analyzing past attacks’ patterns and reducing blind spots with a data-driven approach. A highly interconnected industrial security system can leverage AI to prevent cyber attacks.
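The deviation check described above can be illustrated with a simple rule-based detector, shown here as an added example that is not part of the original article and is a stand-in for, not an implementation of, an AI model. The readings, the hard limit and the tolerance ratio are constructed assumptions modelled on a 100-fold setpoint jump like the one in the water-plant example.

```python
from statistics import median

# Constructed historian samples: (minute, sodium hydroxide setpoint in ppm).
# Illustrative values only, not figures reported for any real incident.
READINGS = [(0, 100), (1, 101), (2, 99), (3, 100), (4, 102),
            (5, 100), (6, 10000), (7, 10000), (8, 100), (9, 101)]

HARD_LIMIT_PPM = 500   # assumed engineering limit for this setpoint
MAX_RATIO = 1.5        # assumed tolerated ratio against the recent baseline
WINDOW = 5             # number of normal samples that form the baseline


def detect_deviations(readings, window=WINDOW):
    """Return alerts as (minute, value, reason) tuples."""
    alerts = []
    normal_values = []  # only samples judged normal feed the baseline
    for minute, value in readings:
        reasons = []
        if value > HARD_LIMIT_PPM:
            reasons.append("above hard limit")
        if len(normal_values) >= window:
            base = median(normal_values[-window:])
            if value > base * MAX_RATIO or value < base / MAX_RATIO:
                reasons.append("deviates from baseline")
        if reasons:
            alerts.append((minute, value, ", ".join(reasons)))
        else:
            normal_values.append(value)
    return alerts


if __name__ == "__main__":
    for alert in detect_deviations(READINGS):
        print(alert)
```

Flagged samples are kept out of the baseline, so a sustained manipulation does not gradually become the new normal.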
Critical infrastructure is the prime target of cyber criminals because it is the cornerstone of any country. Without its smooth functioning, a state can come to a standstill. It is important to check the security level of a critical infrastructure provider before cybercriminals swoop into the vulnerable network. Organizations can invest resources in cybersecurity teams that are well-qualified and well-versed in cybersecurity tactics.