As I mentioned in last week’s blog, the Cyber pundits have
been playing it rather low key when it came to making predictions as to what
2022 could look like. The year before that,
the headlines were packed with predictions.
Maybe people are getting tired of hearing about Cyber-attacks, or
perhaps the assumption is that the same will continue this year?
Even I have not posted any predictions, as I think it will
be the latter. The threat landscape will
probably be a lot like 2021, but with perhaps some newer variants coming
out. Ransomware will still be at the top,
but with a different target: The nation’s
Critical Infrastructure. Sure, we have
all heard this term, but what does it really mean?
Well, it simply refers to those systems that are at the
heart of our nation, and what we depend upon as a necessity for daily life. Typical examples of these include our water supply,
electrical grid, nuclear facilities, rail and air systems, and even our agricultural
sector when it comes to food processing and distribution.
You may be wondering why now all of a sudden, they will be a
target? Well actually, they have been
targeted for quite some time, but just never made the news headlines. At least until now.
Probably the biggest story to catch our attention in this regard
was the Colonial Gas Pipeline attack.
Here were some of its impacts:
*Almost 50% of the gas pipelines in the eastern part of the
United States were shut down;
*Drastic increases in the price of natural gas in the
financial markets;
*Over 10,000 gas stations ran out of fuel;
*The company paid out a whopping $4.4 million to the Cyberattack
group in order to bring systems back online again.
It is important to keep in mind that many of the integral
components of the Critical Infrastructure were built back in the 1970s and
early 1980s. Back then, Cybersecurity
was never an issue; people were only concerned about physical security. Plus, many of the parts that have gone into
building these components are no longer available these days, so you simply
cannot rip them out and put new ones in that are Cyber compliant.
Theoretically you could do that, but the downtime suffered
would be totally detrimental to the country.
And, you simply just cannot add on new Cybersecurity tools and technologies. They have to be able to work seamlessly with the
legacy systems, without any issues. So given
all of this, what does 2022 hold for our Critical Infrastructure? Well, there is the bad and the good. Let’s first start with the bad:
1) More attacks will continue:
Unfortunately, this is going to be
the norm. While they may not be large-scale
attacks like the one just described, it is anticipated that there will be
many small attacks, in order to throw the IT Security teams off guard, as their
main emphasis has always been on the protection of digital based assets. IMHO, I don’t know how many Cyber
professionals out there have credentials to specifically safeguard the legacy
systems of the Critical Infrastructure.
2) The IoT will grow even more:
The trend here will be for further
growth in what is known as the “Internet of Things”, or the “IoT” for short. This is where all of the objects that we
interact with on a daily basis in both the physical and virtual worlds are all
linked together. While this does have
its advantages, many IoT systems still lack strong Cyber standards, thus making
them a prime target for the Cyberattacker, because of the expanded attack surface. But the emphasis here in 2022 will be on
the growth of the IIoT, with the first “I” representing the term “Industrial”. This includes market segments such as gas turbines,
all types of manufacturing equipment, or
charging stations for electrical cars. Since
they depend to some degree or another on our Critical Infrastructure, once again,
this will only exacerbate the targeting of legacy systems even more.
Now, here is the good news:
1) More involvement from the Federal Government:
The Biden Administration, in their
Executive Order that came out last year, mentioned specifically putting aside a
huge chunk of change to upgrade the nation’s Critical Infrastructure, and to
implement some kind of Cyber countermeasures into them. How long this will take is anybody’s guess,
but at least now we have the attention of the leaders of our country. Hopefully this will shake some things up this
year. What is really needed is funding,
and more than what has already been promised.
2) More advanced tools:
The positive here is that there has
been a huge development in automation, at least when it comes to the Cyber
world. In this regard, you have to give
credit to the tools of Artificial Intelligence (AI) and Machine Learning
(ML). With them, many of the mundane and
routine processes can be done automatically, which includes the detection
of suspicious activity and even threat variants that have hit your
systems. Many of them can now be
stopped, with hardly any human intervention involved. There is work now being done as to how this
can be applied to the Critical Infrastructure.
For example, if a security breach is to happen, the entire infrastructure
has to be brought down in order to mitigate the threat. But by using AI and ML here, there does not
have to be a 100% shutdown; rather, the threats can be stopped in
real time, as they are happening right now in the digital world.
3) The C-Suite will be paying attention:
Whether you love or hate them, the C-Suite
of the Critical Infrastructure will now be put in the hot seat, and grilled by
their respective Boards of Directors as to what is being done to protect their
systems. The bottom line here is that ignorance
and excuses from the C-Suite will no longer be acceptable. They will be held accountable (at least this is
the thought for right now) for any actions not taken to help prevent
Cyberattacks from occurring to the nation’s Critical Infrastructure.
My Thoughts On This:
Although protecting the Critical Infrastructure can be a
difficult task from a technical standpoint (as discussed earlier), I do hope
and pray that we take attacks on Critical Infrastructure much more seriously
now. We, as a nation, simply cannot keep
paying the ransom, because if we do, this will only stimulate more attacks.
Remember the horrific days of 9/11? Well, it won’t be airplanes crashing into
buildings, but it will be a Colonial Gas Pipeline attack, but magnified on a
scale of 10X, where there will be simultaneous attacks on different components
of the Critical Infrastructure.
To put it bluntly, can you imagine going without food and water
for weeks? I cannot.