Russia’s invasion of Ukraine has cybersecurity concerns at an all-time high. This is particularly true for critical infrastructure systems. While there has been no direct threat yet, we continue to sharpen our understanding of the vulnerabilities exposing these networks to potential detriment if they were to be attacked. Not only do we have recent history to turn to in order to prove this point, but new data also demonstrates the risky state such sectors find themselves in.
Cyberattacks in Ukraine Sound the Alarm
While the bombing of Ukrainian cities and images of people desperately trying to flee their homes reminds us of the physical catastrophe of conflict, we must remember that cyber warfare can also lead to similar harm, especially when considering attacks on critical infrastructure. As we know, critical infrastructure is what allows societies to control necessities like energy, water and food production. If these were to be completely compromised, the outcome could become fatal. In fact, Forbes referred to a 2021 Gartner, Inc. report which predicted “by 2025, cyber attackers will have weaponized operational technology environments to successfully harm or kill humans.”
Unfortunately, we are seeing the developing stages of the types of attacks that could eventually lead to such brutality, and quite a few occurred in conjunction with Russia’s waging devastation on Ukraine. In recent weeks, Ukrainian websites belonging to the likes of banks and the Ministry of Defense have been targeted. But these newest attacks are not the first geopolitically driven cyber events to impact the country. As Katell Thielemann of Gartner pointed out, Ukraine experienced an attack on its power grid in 2015, which caused outages throughout a number of regions. Following that, a 2017 attack known as “NotPetya” was carried out on organizations like newspapers and radiation monitoring systems at Chernobyl.
Having had our own scares with incidents such as the Colonial Pipeline breach, we are aware of the risks that could escalate in the face of such threats, but the examples unfolding in Ukraine certainly enhance our vision for what could be if we don’t immediately work on shoring up critical security practices.
IBM Security’s X-Force Report Spells Out Concerning Trends
If for some reason that isn’t enough to prove the importance of infrastructure cybersecurity, then statistics have their own warning to share. IBM Security’s X-Force Threat Intelligence Report summarized that 2021 was a record year for the disclosure of vulnerabilities, with the manufacturing industry topping the list. In a period that was already weighed down by global supply chain issues, 2021 proved that there were other problems like unpatched software also affecting the sector. According to Louise Mair at Intelligent CIO, “An alarming 47% of attacks on manufacturing were caused due to vulnerabilities that victim organizations had not yet or could not patch, highlighting the need for organizations to prioritize vulnerability management.” Plus, the report highlights that there are trends to come in cybercriminal activity. One space that will require a lot of security attention is the cloud. Based on the findings presented, a 146% increase in new Linux ransomware code is expected.
How Do We Take Proactive Steps?
While we process the evolution of these threats, a key takeaway is that action is required now. Considering that a cyberattack has not spread beyond the borders of Ukraine at this time does not mean we should sit back and wait. We need to take the cases mentioned and the evidence that there are major flaws in infrastructure security and turn them into the driving forces behind preventative measures. So, how do we begin or continue doing that? Gidi Cohen at Forbes recommends addressing operational technology (OT). We know two major things. One is that OT is essential to critical infrastructure networks. Two is what we state before – the cloud is likely to open up a new array of cyber risks. Since OT is increasingly being combined with IoT, which includes cloud tech, we need to make sure that we take approaches to cybersecurity that implement both. In other words, they are no longer two separate factors that we know. They are a combined element that operators must learn to acknowledge. The Forbes article highlights a survey that concluded that 40% of respondents viewed OT as an “after thought” when compared to digital innovations. Instead, Cohen explained that leaders need to learn how to prioritize both and bridge the gap between them. As organizations work to bring those teams together, risk management will be key. Having these experts monitoring risks and communicating with one another will hopefully lead to greater visibility as well as the production of harmonious ideas that strengthen proactive and reactive cybersecurity plans.
Sources:
- “Why Critical Infrastructure Attacks Are Everyone’s Problem — Especially Now” – Laurence Gosaduff, Gartner
https://www.gartner.com/en/articles/why-critical-infrastructure-attacks-are-everyone-s-problem-especially-now - “Manufacturing felt brunt of cyberattacks in 2021 as supply chain woes grew” – Louise Mair, Intelligent CIO
https://www.intelligentcio.com/north-america/2022/03/09/manufacturing-felt-brunt-of-cyberattacks-in-2021-as-supply-chain-woes-grew/# - “Ransomware Attack Trends: Critical Infrastructure In The Crosshairs” – Gidi Cohen, Forbes
https://www.forbes.com/sites/forbestechcouncil/2022/03/08/ransomware-attack-trends-critical-infrastructure-in-the-crosshairs/?sh=2059685f5d4c
Learn about the ultimate solution to protect infrastructure networks, Net-Optix.