Conserving the world’s assets during Infrastructure Security Month 2023

Although it wasn’t well known when it was first established, Critical Infrastructure Security Month has steadily gained more prominence in recent years due to increasing awareness of the need to protect the world’s most vital systems and networks. Infrastructure Security Month is observed during the month of November, and it serves as a nationwide effort to educate the public about the crucial role that critical infrastructure plays in helping us get access to different resources on a daily basis.

When going about our everyday lives, we generally don’t consider the types of critical infrastructure that contribute to the proper functioning of society until something goes wrong. For example, it may come to mind when a storm causes a power outage that then disrupts essential services such as emergency response or transportation. Critical infrastructure sectors are all interconnected within their ecosystem, so an attack on one network or system could potentially expose multiple other industries to the same threat (put simply, it’s a domino effect).     

Sectors that are attractive targets for cybercriminals

A few critical infrastructure sectors that CISA deems important to protect include healthcare and public health, financial services, food and agriculture, water systems, government facilities, energy and utilities, transportation, and more. Organizations in these industries all provide goods, services, or facilities (e.g. internet connectivity, roads and bridges, data storage, etc.) that are indispensable for daily life at home or in the workplace. At the same time, these industries are highly susceptible to cyberattacks because there is an opportunity for bad actors to cause more real-world damage.

A high-profile attack on critical infrastructure

One of the most prominent examples of a high-impact attack on essential infrastructure is the 2021 Colonial Pipeline breach. The ransomware incident was perpetrated by the Russian-based group DarkSide, and it involved a massive shutdown lasting nearly six days. The attack’s impact was widespread because Colonial Pipeline provides gasoline, jet fuel, and diesel for nearly half of the Eastern United States. These factors, combined with declarations of state emergencies from the U.S. government, caused panic among the public as individuals scrambled to stock up on gas amidst rising prices and fuel shortages across 11,000 gas stations.

Colonial Pipeline ultimately paid $5 million in cryptocurrency to regain access to its systems after the cybercriminal syndicate stole hundreds of gigabytes of confidential data as a result of the attack. Although this cyberattack is just one of many that have occurred within the critical infrastructure space, it underscores how prone these industries are to some of the most basic tactics used by malicious hackers to exploit systems and networks.

Ways of improving critical infrastructure cybersecurity

We have a collective responsibility to continually find new ways of improving security, and part of this involves proper education of preventative measures. The following list includes a collection of best practices that critical infrastructure organizations can apply to decrease the risk of disruptions:

1. Implement a Zero Trust approach. In critical infrastructure industries, firms should adopt a Zero Trust policy in order to ensure that only those who need access to certain resources to perform their job will receive them. A Zero Trust framework provides both least-privilege access and helps companies maintain strict access controls.

2. Secure your Internet of Things (IoT) devices. Gadgets such as smart sensors for IoT devices can help in monitoring activity across different infrastructures, but they also serve as a potential means for hackers to gain access to sensitive devices. Therefore, it’s important to change default passwords, incorporate the use of multifactor authentication (MFA), and turn on or enhance encryption.

3. Establish an incident response plan. In order to be prepared for a potential cyberattack, CISA suggests having emergency protocols that address the organization’s next steps. This could include a recovery plan that outlines how a firm will regain access to its assets or a document highlighting information regarding the maximum downtime considered acceptable by customers before a solution is reached.

Additional resources

If you’re a critical infrastructure provider and are interested in securing your IoT or operational technology (OT) devices, consider exploring Barracuda CloudGen Firewall Rugged or Barracuda Secure Connector for your security needs.