Sunday, January 9, 2022

The Good & Bad News For Critical Infrastructure Cybersecurity In 2022

 


As I mentioned in last week’s blog, the Cyber pundits have been playing it rather low key when it comes to making predictions about what 2022 could look like. The year before that, the headlines were packed with predictions. Maybe people are getting tired of hearing about Cyber-attacks, or perhaps the assumption is that the same will continue this year?

Even I have not posted any predictions, as I think it will be the latter.  The threat landscape will probably be a lot like 2021, but with perhaps some newer variants coming out.  Ransomware will still be at the top, but with a different target:  The nation’s Critical Infrastructure.  Sure, we have all heard this term, but what does it really mean?

Well, it simply refers to those systems that are at the heart of our nation, and that we depend upon as a necessity for daily life. Typical examples include our water supply, electrical grid, nuclear facilities, rail and air systems, and even our agricultural sector when it comes to food processing and distribution.

You may be wondering why, all of a sudden, they will now be a target? Well actually, they have been targeted for quite some time, but just never made the news headlines. At least until now.

Probably the biggest story to catch our attention in this regard was the Colonial Gas Pipeline attacks. Here are some of the impacts:

*Almost 50% of the gas pipelines in the eastern part of the United States were shut down;

*Drastic increases in the price of natural gas in the financial markets;

*Over 10,000 gas stations ran out of fuel;

*The company paid out a whopping $4.4 million to the Cyberattack group in order to bring systems back online again.

It is important to keep in mind that many of the integral components of the Critical Infrastructure were built back in the 1970s and early 1980s. Back then, Cybersecurity was never an issue; people were only concerned about physical security. Plus, many of the parts that have gone into building these components are no longer available these days, so you simply cannot rip them out and put new ones in that are Cyber compliant.

Theoretically you could do that, but the downtime suffered would be totally detrimental to the country. And you cannot simply add on new Cybersecurity tools and technologies. They have to be able to work seamlessly with the legacy systems, without any issues. So given all of this, what does 2022 hold for our Critical Infrastructure? Well, there is the bad and the good. Let’s first start with the bad:

1)     More attacks will continue:

Unfortunately, this is going to be the norm. While they may not be large-scale attacks like the one just described, it is anticipated that there will be many small attacks, in order to throw the IT Security teams off guard, as their main emphasis has always been on the protection of digital based assets. IMHO, I don’t know how many Cyber professionals out there have credentials to specifically safeguard the legacy systems of the Critical Infrastructure.

2)     The IoT will grow even more:

The trend here will be for further growth in what is known as the “Internet of Things”, or the “IoT” for short. This is where all of the objects that we interact with on a daily basis in both the physical and virtual worlds are linked together. While this does have its advantages, many IoT systems still lack strong Cyber standards, thus making them a prime target for the Cyberattacker, because of the expanded attack surface. But the emphasis here in 2022 will be on the growth of the IIoT, with the first “I” representing the term “Industrial”. This includes market segments such as gas turbines, all types of manufacturing equipment, or charging stations for electrical cars. Since they depend to some degree or another on our Critical Infrastructure, once again, this will only exacerbate the targeting of legacy systems even more.

Now, here is the good news:

1)     More involvement from the Federal Government:

The Biden Administration, in their Executive Order that came out last year, mentioned specifically putting aside a huge chunk of change to upgrade the nation’s Critical Infrastructure, and to implement some kind of Cyber countermeasures into them. How long this will take is anybody’s guess, but at least now we have the attention of the leaders of our country. Hopefully this will shake some things up this year. What is really needed is funding, and more than what has already been promised.

2)     More advanced tools:

The positive here is that there has been a huge development in automation, at least when it comes to the Cyber world. In this regard, you have to give credit to the tools of Artificial Intelligence (AI) and Machine Learning (ML). With them, many of the mundane and routine processes can be done automatically, which includes the detection of suspicious activity and even threat variants that have hit your systems. Many of them can now be stopped, with hardly any human intervention involved. There is work now being done as to how this can be applied to the Critical Infrastructure. For example, if a security breach happens, the entire infrastructure has to be brought down in order to mitigate the threat. But by using AI and ML here, there does not have to be a 100% shutdown; rather, the threats can be stopped in real time, just as is happening right now in the digital world.

3)     The C-Suite will be paying attention:

Whether you love or hate them, the C-Suite of the Critical Infrastructure will now be put in the hot seat, and grilled by their respective Board of Directors as to what is being done to protect their systems. The bottom line here is that ignorance and excuses from the C-Suite will no longer be acceptable. They will be held accountable (at least this is the thought for right now) for any actions not taken to help prevent Cyberattacks from occurring to the nation’s Critical Infrastructure.

My Thoughts On This:

Although protecting the Critical Infrastructure can be a difficult task from a technical standpoint (as discussed earlier), I do hope and pray that we take attacks on Critical Infrastructure much more seriously now. We, as a nation, simply cannot keep paying the ransom, because if we do, this will only stimulate more attacks.

Remember the horrific days of 9/11? Well, it won’t be airplanes crashing into buildings; rather, it will be a Colonial Gas Pipeline attack magnified on a scale of 10X, where there will be simultaneous attacks on different components of the Critical Infrastructure.

To put it bluntly, can you imagine going without food and water for weeks? I cannot.
