Three ways companies can protect against critical infrastructure attacks

The fallout from infrastructure attacks can affect anyone

Trainlines, water companies and oil & gas pipelines have all been targeted in high-profile attacks

Attacks on critical infrastructure used to be the sole domain of nation states. With hacking groups entering the fray, defence has become even more crucial.

In recent months we've seen a surge in criminal attacks on critical infrastructure worldwide, as sophisticated hacking groups attack Industrial Control Systems (ICS) to affect a country's population; for example, targeting power grids and water systems to physically harm civilians. 

In October 2023 alone, about 100,000 ICS were found on the public web, exposed to attackers probing them for vulnerabilities and at risk of unauthorised access. Included among them were power grids, traffic light systems, and security and water systems impacting 96 countries.

At the end of last year, US officials said the Chinese military had hacked into the systems of about two dozen critical entities in the US over the past year, including a water utility in Hawaii, a major West Coast port, at least one oil and gas pipeline and the Texas power grid.

Until recently, attacks on ICS were mostly initiated with nation-state backing, led by countries such as China, Russia and Iran. But today, these types of attacks are also launched by criminal groups.

The rise of ransomware-as-a-service has streamlined the hacking process so that now, even those with minimal hacking experience can use advanced ransomware programs by paying a relatively small fee to malware creators. This has led to a surge in hackers actively engaging in cybercrime. Companies with manufacturing capabilities, in particular, have become popular targets of this type of activity.

Similarly, supply chain attacks have typically been associated with nation-state sponsored groups. However, here, too, cybercriminals have started to adopt this attack vector, exploiting vulnerabilities in supply chain vendors to gain unauthorised access and infiltrate critical infrastructure organisations.

With the danger of attack on critical infrastructure rising, the question is how companies can protect themselves. Here are three key ways IT security leaders can mitigate risks:

1. Cloud security transformation 

Transitioning to cloud-native security is an important step in reducing risk and staying secure, as organisations modernise their infrastructure and environments. Handled correctly, a cloud-native security environment can help organisations anticipate, adapt and respond to cyber threats with full transparency in an increasingly connected world.

2. Risk-based incident response planning 

Because no approach to cybersecurity guarantees full protection, preparing an effective, rapid response to attack in advance is crucial to protecting an organisation's assets. Developing and maintaining an effective incident response plan enables companies to respond to threats quickly, to minimise their potential business impact. 

An effective incident response plan should be built around a risk-based approach. It should map an organisation's top business risks with realistic attack scenarios, address "best practices" for remediation across the entire incident life cycle, and define a target response window of acceptable loss.

The plan should also include periodic risk assessments, provide for systematic analysis and containment of security breaches, and use monitoring systems and dashboards to identify security incidents.

3. GenAI-powered security 

Incorporating generative AI (GenAI) into both the strategy and the implementation of an organisation's cybersecurity facilitates a deeper understanding, helping companies navigate the complexities of today's cyber threat landscape. But it isn't always easy.

It may be faster and more convenient to outsource the work to an advanced Managed Detection & Response (MDR) provider, which leverages GenAI to provide customers with faster threat detection, reduced dwell time and quicker, more effective response.

Moreover, utilising GenAI ensures that the organisation's cybersecurity needs continue to be met while, at the same time, freeing up internal resources to stay focused on their core business activities.

As geopolitical tensions continue to escalate between the US, Russia and China, as well as in the Middle East, and cyber-criminal groups become more capable and confident, it has never been more important to consider how your organisation is protected against critical infrastructure attacks. Now is the time to start assessing your organisation's risks and taking steps to implement the appropriate detection and response measures. 

Yuval Wollman is president at CyberProof - a UST company. Previously, Yuval spent a decade-long career in the Israeli public sector, where he served most recently as Director-General of the Israeli Intelligence Ministry and became the senior economic adviser to the Finance Minister and Chief of Staff. He is also a certified lawyer and adjunct professor at Tel Aviv University Business School. 
