Sundar Balasubramanian, Managing Director, Check Point Software Technologies, India and SAARC
The year 2022 saw an expected increase in cyber attacks across all industries, although the scale and sophistication of these attacks varied across the globe. However, it has been reported that most countries could see an increase in cyber attacks on their key critical infrastructure sectors because of the vital role these sectors play in the lives of citizens.
The National Critical Information Infrastructure Protection Center (NCIIPC) in India, the Government of India organization designated as the National Nodal Agency for Critical Information Infrastructure Protection, has identified the following as ‘critical sectors’: Power and Energy, Banking, Financial Services and Industry, Telecommunications, Transport, Government, and Strategic and Public Enterprises. All of these provide services essential to the day-to-day functioning of society, and they are hives of the most sensitive and confidential data, which threat actors can easily monetize on the Dark Web, leading to further cybercrime and disruption.
Unfortunately, the potential for widespread disruption has not gone unnoticed by cybercriminals. In India, close to seven attacks on critical infrastructure have wreaked havoc for those in the industry: from the ransomware attacks in April and May on Oil India Limited and on Spice Jet, which grounded flights and stranded passengers for 4 hours, to Goa’s flood monitoring system in June and the banking data breaches reported in August, along with the recent cyber attacks on the health sector at AIIMS and the resulting attack on Safdarjung Hospital in New Delhi. These incidents have made the authorities understand the need to prepare for escalating cyber attacks in the future.
This increased risk has already been felt around the world, with various national and public authorities being targeted, from governments in Cuba and Peru to water companies such as South Stafford Water, as well as the largest railway operator in Denmark and the NHS, which was hit by an attack on its supply chain. With heightened political tensions around the world, the potential for another attack on our critical infrastructure is not only worrisome but very likely. We examine what the current threat landscape looks like and how companies, as well as government agencies, can better protect themselves.
Why are critical industries more at risk?
This focus on critical infrastructure is intentional. Cybercriminals are acutely aware of the impact any disruption has on vital services, not only financially but also on public trust. For example, in the utility sector, you can’t expect people to be without electricity or water, which means companies are more likely to pay in the event of ransomware. Hackers are also very careful and will attack during periods of unrest, for example using the ongoing energy crisis as an entry point for phishing or man-in-the-middle attacks.
A second common risk factor among critical infrastructure organizations is that they all have a high level of interconnected legacy technology. This may include old devices that may not be used every day but are still active, or a machine that is critical to business processes but can only run on older software that cannot be patched. Much of this legacy technology, although located on our managed networks, is not owned by our digital and security teams. It’s true that some industries are more dependent on it than others, such as utilities, but everyone has their own battle to overcome.
The lack of a cohesive understanding of their technology estate makes it much more difficult for these industries to implement a holistic security strategy and also provides hackers with more ways to gain access to the wider network.
Is increased connectivity a problem?
This problem is exacerbated by the introduction of IoT devices that are incredibly complex to manage and are rarely built with security in mind. As companies collect more data and expand their network infrastructure, they become more attractive to hackers and harder to defend against threats.
It is vital that past experiences, such as the Colonial Pipeline incident, are not forgotten, but used to fuel the next steps. While increased connectivity expands the attack surface and makes it harder to manage, there are technologies that help protect IoT devices from new threats and make this transition period easier.
It is important that we do not stand in the way of technological progress. If we look at the transportation industry, when we board an airplane, we have no idea if the pilot is in control or if it’s just on autopilot. But we still go on vacation and travel with confidence. It is possible to build the same level of trust when it comes to progress in driverless cars, despite their increased connectivity and reliance on IT. To get there, manufacturers need to build security into these products. If things are designed with security in mind, they are less likely to be hacked. This is a transferable message that should underpin every new decision, in every sector, but especially in critical infrastructure.
Securing our future
Many organizations are good at risk management, but lack an end-to-end cyber strategy that covers everything from employee engagement and BYOD security to firewall management and anti-malware. A gap in any one of these elements can create a vulnerability with harmful consequences. What is the conclusion from this? I think there are four key elements:
- Communication is key: You are only as strong as your weakest link, so it is crucial that there is an open dialogue within the company from the board to the IT department. Any device that has access to a company’s network can allow hackers to gain access if it is not properly managed. The problem is compounded by the shift to home and hybrid work, so organizations need to talk to employees and educate them on how to stay safe.
- Visibility and segmentation: It is impossible to successfully secure a network without understanding the assets within it. A complete inventory, including cloud assets and data stores, will reveal any weaknesses such as unpatched security updates or devices running outdated firmware. When you map a network, you can apply strategies like segmentation, which creates virtual internal barriers that prevent hackers from moving laterally and causing widespread damage.
- CISOs need to do their part: The CISO’s role is to ensure that the board has a better understanding of the risks facing the business. Your job is to influence and make it clear to them in a language they understand. This means stating the business consequences of poor security. There is a general lack of communication between CISOs and the wider business, and this needs to change to better secure our mission-critical services.
- The need for comprehensive authority: As we look at the challenges facing critical infrastructure, it’s clear that companies in all sectors need to improve their cybersecurity programs. But they can’t do it alone. We need a single regulatory body that can help these sectors implement standard practices. This will reduce disparities in cybersecurity spending, for example for energy and water.
Around the world, the critical infrastructure sector has become a beacon that attracts cybercriminals from far and wide. The threat level continues to rise and the consequences are becoming more severe, as we have witnessed here in India. Now is the time to take action, and prevention should be at the heart of every step you take to better protect yourself.