Cybersecurity is ranked by executives as the second-highest risk to enterprises, while attacks on critical infrastructure are rated as the fifth-highest global risk by the World Economic Forum


As industrial organisations ramp up connectivity to accelerate digital transformation and remote working, cyber threats to industrial and critical infrastructure are growing in number, sophistication and persistence. International Water Power & Dam Construction (IWP&DC) magazine provides an insight into how cyber risk has reached an all-time high.

 

As society deals with the second year of the Covid-19 pandemic, organisations are accelerating digitisation to survive and thrive. This places more focus on operational systems, which are at the heart of value and revenue creation.

Adding to the challenges, cybersecurity is ranked by executives as the second-highest risk to enterprises, and attacks on critical infrastructure are rated as the fifth-highest global risk by the World Economic Forum.

A new report from Nozomi Networks Labs gives an overview of the most significant threats and vulnerability trends of recent months, along with actionable insights and recommendations for securing operational systems. In surveying the threat landscape, the company says that two types of threat stand out – supply chain and persistent ransomware.

Nozomi Networks says the most notable cyber operation of 2020 was the SolarWinds supply chain attack that resulted in the infection of thousands of organisations. The company believes this attack should reiterate that now is the time for asset owners to re-evaluate the attack surfaces of their OT/IoT systems, and reassess supply chain risks.

The SolarWinds attack in December 2020 involved an advanced threat actor that compromised one of SolarWinds' network monitoring products, which is widely used to manage IT infrastructure.

Victims of the attack included US government agencies, critical infrastructure and manufacturing operations. The damage is described as being “sophisticated espionage”, with unknown impacts in the future.

“This report leaves no doubt that the time for action is now,” says Moreno Carullo, Nozomi Networks’ co-founder and chief technology officer.

“The recent water system attack in Oldsmar, Florida, and the ongoing SolarWinds investigation are dramatic reminders that the critical infrastructure and other systems that we rely on are vulnerable and at constant risk of attack. Understanding the effectiveness of defences against the emerging threat and vulnerability landscape is vital to success.”

 

Recommendations to improve defences against cyber threats to industrial and critical infrastructure

In the report, Nozomi Networks’ security research team gives cybersecurity professionals an overview of the biggest threats and risks to OT and IoT environments.

The analysis provides information on 18 specific threats that IT and OT security teams should study as they model threat vectors and evaluate risks across operational technology systems. It includes 10 key recommendations and actionable insights to improve defences against the current threat landscape.

The report found:

  • Ransomware activity continues to dominate the threat landscape, growing in sophistication and persistence. In addition to demanding financial payments, ransomware gangs are exfiltrating data and deeply compromising networks for future nefarious activities.
  • Supply chain threats and vulnerabilities show no signs of slowing. The unprecedented SolarWinds attack demonstrates the massive potential for an attack via supply chain weaknesses.
  • Memory corruption errors are the dominant vulnerability type for industrial devices.

 

“Urgency has never been higher,” said Nozomi Networks CEO Edgard Capdevielle. “As industrial organisations race toward digital transformation, threat actors are taking advantage of greater OT connectivity to create attacks that aim to disrupt operations and threaten the safety, profitability and reputation of enterprises around the globe.

“While threats may be on the rise, the technologies and practices to defeat them are available today. We encourage organisations to act quickly to implement the recommendations in this report.

“It’s never been more important or more possible to take the necessary steps to detect and defend critical infrastructure and industrial operations.”

 

This article originally appeared in International Water Power & Dam Construction magazine