By Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea
Today, everyone is well aware of the widespread and serious nature of cyber threats. Cyber criminals have infiltrated almost every sector, from banking to healthcare to government departments. As the years go by, attacks are becoming increasingly sophisticated and harmful.
However, while personal data and financial privacy remain top concerns in the public’s mind, there are other targets in the crosshairs of cyber criminals that pose an even greater threat to society – critical infrastructure.
How is critical infrastructure being impacted by modern cyber threats?
Critical infrastructure attacks are becoming a major concern for the safety of people worldwide. A 2022 report from Waterfall Security states that major sectors like energy, utilities, and transportation experienced over 150 cyber attacks last year, representing an alarming rise of almost 150% from the year before.
Cyber criminals, using methods like ransomware and DDoS attacks, are focusing on essential systems that maintain the well-being and security of communities. As more public services organisations and government agencies digitise their operations, the risks of these types of attacks are only going to continue to rise.
Fighting back: How organisations are protecting critical infrastructure
Awareness and action are the two primary factors in how critical infrastructure organisations fight back against modern cyber threats.
Below are some key actions that need to be taken by organisations to reduce the risks of major operational disruptions due to cyber attacks:
Adopting a proactive approach to cyber security
Lacking proactive security measures is a major risk within critical infrastructure systems. Being proactive means not only taking the time to audit and test systems for potential weaknesses, but also giving greater priority to budgeting and allocating resources for cyber security.
Focusing on network segmentation
Because of the amount of data and the number of interconnected systems that make up critical infrastructure operations, there are wide attack surfaces for cyber criminals to exploit. To significantly limit the impact of potential attacks, organisations need to focus on network segmentation and strong access controls between IT and OT (Operational Technology).
By dividing networks into smaller pieces and implementing security measures, such as Privileged Access Management (PAM) and Defence in Depth protocols, it becomes much more difficult for attackers to move laterally across systems and networks.
Establishing a cyber security culture
Without a culture of security awareness, organisations aren’t able to effectively identify and combat the constant threats. This requires a much more holistic approach, going beyond just implementing security technologies and instead establishing a culture of security throughout the entire organisation. Employees who are trained are more likely to report suspicious activity and contain an attack before it turns into a catastrophe.
Because critical infrastructure systems often involve a large number of employees and third-party contractors, it is essential to educate and train everyone on security best practices, including the secure use of Remote Desktop Protocol (RDP) and strong password hygiene, such as using a password manager or PAM (Privileged Access Management) solution.
Creating a comprehensive incident response plan
With the crosshairs consistently on organisations with industrial operations, it’s important to think of cyber attacks as a matter of “when” instead of an “if”. This means having a comprehensive incident response plan in place to effectively counter and respond to attacks.
This plan should include steps such as identifying the breach, containing and minimising damage, restoring systems, and learning from the incident to improve future response.
Keep our critical infrastructure secure
No matter where a cyber security threat comes from, organisations must have a comprehensive strategy in place to protect their infrastructure. Prioritising network segmentation and strong access controls, establishing a culture centred on cyber security, and having a clear incident response strategy can help organisations minimise these crippling attacks or avoid them altogether.