It’s the final week of the National Cyber Security Awareness Month and the theme is ‘Protecting Critical Infrastructure from Cyber Threats,’ which focuses on the essential systems that support our daily lives – such as electricity, transportation and banking – and their vulnerability to attack and exploitation by criminals.
These are not just potential vulnerabilities: they’re all too real. Over the past two years, power, transportation and banking services have all been targeted by criminals, resulting in major disruption and financial losses. Here’s a brief recap of those attacks:
These attacks were damaging enough. But they’re also a clear warning that future attacks on critical infrastructure could be even worse, directly impacting the lives of millions of people. For example, what if the electricity supply to a city was cut off, even just for 48 hours? Businesses would not be able to function; hospital patients and vulnerable people could die; citizens may have to be evacuated. A large-scale attack on the banking system could paralyze the financial markets and cause businesses – even economies – to fail. And attacks that disrupt transportation systems such as air-traffic control or satellite navigation could have obvious, deadly consequences.
Diverse systems, common security challenges
So how do we build better security into critical infrastructure, to stop attackers being able to target these vital systems and disrupt day-to-day operations? It’s a huge challenge, because of the sheer variety (and complexity) of the networks and systems in use across the different industries and sectors globally.
For example, in power and water utilities as well as in the transport sector, there are large numbers of cyber-physical systems consisting of industrial equipment such as turbines, pumps and controllers, which are managed by computerized industrial control systems. These operational systems were not designed with security in mind: they simply carry out the instructions they receive from their command and control centers. These connections and communications run over IP-based networks – which, without proper network defenses, means they can be accessed over the Internet. As we saw earlier with the attacks launched by the ‘Dragonfly’ group, a hacker who infiltrates the organization’s networks can then gain access to, and control over, those operational systems to cause disruption and damage.
In the banking sector, there’s also a diverse range of systems, handling functions such as funds transfers between banks, payments processing, managing business and customer accounts, and much more. But as we saw with the attacks on the SWIFT network in 2016, these systems and networks are poorly protected and allow attackers to create fraudulent transactions.
So despite the substantial differences between industry sectors and their networks, the security challenges for all critical infrastructure organizations are similar: stop hackers being able to infiltrate networks – and if they do succeed in breaching the organization’s perimeter defenses, stop them being able to move laterally across networks to access critical systems and resources.
Securing critical infrastructure
As such, network segmentation is one of the core foundational strategies for securing critical infrastructure organizations. This means keeping critical assets and operational systems separate from other networks in the organization and from the public Internet, and surrounding them with firewalls so that they cannot be accessed by unauthorized people.
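The following Python example is added here and is not taken from the original post. It checks a set of firewall allow rules for any chain of permitted connections that leads from an outside zone to the critical zone, which is the lateral-movement path that segmentation is meant to close. The zone names, address ranges and rules are constructed for the example, and the model is deliberately simple: allow rules only, default deny, ports ignored when computing reachability.

```python
import ipaddress
from collections import deque
# Constructed zone map (an assumption for this example, not from the article).
INTERNAL = {name: ipaddress.ip_network(cidr) for name, cidr in {
    "corporate": "10.10.0.0/16",
    "dmz": "10.20.0.0/24",
    "ot": "10.50.0.0/24",  # critical operational systems
}.items()}
# Constructed allow rules (src, dst, port); anything not listed is denied.
RULES = [
    ("0.0.0.0/0", "10.20.0.0/24", 443),     # Internet to DMZ web front end
    ("10.10.0.0/16", "10.20.0.0/24", 22),   # corporate admins to DMZ
    ("10.20.0.0/24", "10.50.0.0/24", 502),  # DMZ server to OT controllers
    ("10.50.0.0/24", "10.20.0.0/24", 443),  # OT pushes data out to DMZ
]
HARDENED = RULES[:2] + RULES[3:]  # same policy without the DMZ-to-OT rule

def zones_covered(cidr):
    """Zones a rule address touches; space outside INTERNAL is 'internet'."""
    net = ipaddress.ip_network(cidr)
    hit = {z for z, n in INTERNAL.items() if net.overlaps(n)}
    if not any(net.subnet_of(n) for n in INTERNAL.values()):
        hit.add("internet")
    return hit

def zone_graph(rules):
    """Zone-to-zone edges permitted by the rules (ports are ignored here)."""
    graph = {}
    for src, dst, _port in rules:
        for s in zones_covered(src):
            for d in zones_covered(dst) - {s}:
                graph.setdefault(s, set()).add(d)
    return graph

def path_to(rules, start, target="ot"):
    """Shortest chain of zones from start to target, or None if segmented."""
    graph, queue, seen = zone_graph(rules), deque([[start]]), {start}
    while queue:
        path = queue.popleft()
        if path[-1] == target:
            return path
        for nxt in sorted(graph.get(path[-1], ())):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(path + [nxt])
    return None

if __name__ == "__main__":
    for name, rules in (("original", RULES), ("hardened", HARDENED)):
        print(name, {z: path_to(rules, z) for z in ("internet", "corporate")})
```

In the constructed rule set no single rule lets the Internet reach the critical zone, yet a two-hop chain through the DMZ does; the hardened set, where only the critical zone initiates connections outward, has no such chain.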
With the rapid rise in ransomware attacks over the past 18 months, which are designed to exploit internal network connections and pathways to spread rapidly and cause maximum disruption, organizations should also employ security best practices to block and mitigate the impact of ransomware attacks on their critical systems.
In conclusion, protecting critical infrastructure against cyberattacks is a complex challenge, as each industry sector has its own unique use cases and requirements. However, the established security best practices we’ve outlined here can be extremely effective in protecting these vital systems – for the benefit of every one of us.