Cyberwarfare is Happening Today. Critical Infrastructure is in the Crosshairs.

02 Feb 2022

by Daniel Bren, CEO and Co-founder, OTORIO

In 1997, the US Department of Defense (DoD) conducted the first “cyberwar” war games, called Eligible Receiver.

Fast forward a decade, and in 2007 the secret Aurora Generator Test showed how a cyberattack on an industrial control system (ICS) could cause physical damage to a machine and its surroundings.

Fast forward almost another decade, and the 2015 Russian cyberattack on the Ukrainian power grid was the first of its kind to successfully target and damage energy infrastructure. 

Fast forward just seven more years, and – déjà vu – we’re witnessing another escalating crisis in Ukraine, alongside rising tensions between Russia and the West. The major difference today? Offensive cyber capabilities are well established as belligerent foreign policy tools for rogue nations like Russia, Iran and North Korea. Today, cyberattacks against critical infrastructure are being used strategically to foment and influence the course of political conflicts.

This means that today, cyberwarfare – just as it was imagined in 1997 – has become a reality. And cyber defense of critical infrastructure has become a key component of national security for all nations.

Cyberattack – Tough to Localize

A major problem with cyberwarfare, as with traditional warfare, is spillover. Conflicts have historically snowballed, drawing in entities not involved in the original conflict. Cyberwarfare is no different.

When Russian hackers unleashed a virus called NotPetya in 2017 on the eve of Ukrainian Constitution Day, it successfully disabled Ukrainian government and banking computing infrastructure, and impacted some 80 Ukrainian companies. It also – terrifyingly – shut down monitoring systems in the Chernobyl nuclear power plant.

But NotPetya didn’t stop at the Ukrainian border. It spread to companies around the world, causing millions of dollars in damages.

And that’s why Western countries are watching the unfolding Ukraine conflict with extra concern. They’re not just hardening defenses against direct Russian cyberattacks on critical infrastructure in response to possible Western sanctions, if imposed; they’re also worried about unintentional damage to critical infrastructure or the global supply chain from attacks that spread from their original targets.

 


Cyberattacks against the energy sector are particularly concerning to the US. The memory of the Colonial Pipeline shutdown last May is still fresh, and serious damage to US critical infrastructure could trigger a significant backlash.

In recent days, NATO officials have warned of a cyberattack by Russia. In the UK, the National Cyber Security Centre (NCSC) has issued new guidance which explains that it is vital that companies stay ahead of potential threats. CISA, the FBI and the NSA have also issued a joint advisory urging US companies to minimize the gaps between IT and OT security coverage, to maintain an incident response plan, and to manage vulnerabilities and configurations. And the US Department of Homeland Security is calling on critical infrastructure operators to be on high alert in the face of a wide range of offensive cyber tools that could target critical infrastructure in the US - from low-level denials-of-service to destructive attacks.

These events represent yet another step in the dangerous evolution of increasingly sophisticated and effective offensive cyber capabilities. The threat of cyberwar is now very real, and critical infrastructure faces a clear and present danger.

 


What Can be Done?

The best way for critical infrastructure to deal with the emerging threat of cyberwar spillover or direct cyberattack by nation-state or cybercrime threat actors is basic cyber hygiene. Companies need to take a proactive approach: assessing risk by gaining visibility into their networks and understanding exposure, then proactively mitigating those risks.

It’s also important to realize that securing the networks that control industry and infrastructure demands a different type of cybersecurity approach. Both government and industrial/critical infrastructure operators are becoming aware of the need for attack mitigation tools that were designed and built from the ground up for OT ecosystems - with operational processes and business continuity as their number one priority. 

OTORIO offers the world’s first end-to-end, industrial-native portfolio of cybersecurity solutions together with a rich portfolio of field-proven professional services including Incident Response, Risk Impact Assessment, Penetration Testing, and Training.

Here’s how OTORIO helps the world's leading energy and utility companies: 

  • Understand the potential risk - ReconOT is an automatic, passive OT-centric reconnaissance tool for discovering a company's assets as they are seen by a potential attacker. 
  • Quickly assess your security posture - spOT delivers enriched OT, IT and IIOT asset inventory quickly and empowers operational security teams with compliance reports based on security standards and frameworks such as IEC 62443, NERC CIP and NIST. 
  • Apply continuous risk monitoring and management - RAM2 continuously discovers, analyzes, and monitors all OT, IT and IIOT assets within the operational environment. The solution correlates risks and alerts and prioritizes them based on their impact on operational and business continuity, providing security teams with a manageable number of alerts and simplified mitigation playbooks.  

 
