IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Cyber Attacks Against Critical Infrastructure Quietly Increase

Despite the lack of major headline-grabbing cyber attacks against U.S. critical infrastructure so far in 2022, our global cyber battles continue to increase.

Infrastructure_shutterstock_11748645821
Shutterstock.com/metamorworks
The Washington Post reported this week on how the cyber war between Iran and Israel has intensified. The story began this way: “In late June, Iran’s state-owned Khuzestan Steel Co. and two other steel companies were forced to halt production after suffering a cyber attack. A hacking group claimed responsibility on social media, saying it targeted Iran’s three biggest steel companies in response to the “aggression of the Islamic Republic.”

“Israel’s defense secretary then ordered an investigation into leaked video showing the damage to the steel plants, citing “operational events in a manner that violates Israel’s ambiguity policy.” This incident came close on the heels of a statement by the Israeli Security Agency, or Shin Bet, claiming a May cyber operation by Iran was intended to generate actions outside of the cyber domain.

“Both incidents show how the cyber conflict between the two countries has grown increasingly public in the past two years.”

The article goes on to point out that worldwide cyber actions are becoming less covert.

Meanwhile, cyber attacks are continuing between Russia and Ukraine, occasionally making headlines. But in our world that is tiring of war stories from Eastern Europe, cyber attack news generally takes a backseat to bigger issues like natural gas supplies being cut to Germany.

Back at home in the U.S., IBM released its annual 2022 IBM Cost of a Data Breach Report, which covers all industries. Here are some highlights:

“Critical Infrastructure Lags in Zero TrustAlmost 80 percent of critical infrastructure organizations studied don't adopt zero-trust strategies, seeing average breach costs rise to $5.4 million – a $1.17 million increase compared to those that do. All while 28 percent of breaches amongst these organizations were ransomware or destructive attacks. …

“Concerns over critical infrastructure targeting appear to be increasing globally over the past year, with many governments' cybersecurity agencies urging vigilance against disruptive attacks. In fact, IBM's report reveals that ransomware and destructive attacks represented 28 percent of breaches amongst critical infrastructure organizations studied, highlighting how threat actors are seeking to fracture the global supply chains that rely on these organizations. This includes financial services, industrial, transportation and health-care companies amongst others.”

HEALTH-CARE DATA BREACH COSTS REACH RECORD HIGH AT $10M PER ATTACK


Commenting on the report, this article points out that “the unrelenting barrage of cyber attacks against health-care organizations is causing major financial damage as health systems struggle to mitigate the costs of data breaches.

“A health-care data breach now comes with a record-high price tag — to the tune of $10.1 million on average, according to IBM Security's annual Cost of a Data Breach Report.”

TREND MICRO CRITICAL INFRASTRUCTURE REPORT


Back in June of this year, Trend Micro Incorporated announced new research revealing that “89 percent of electricity, oil and gas, and manufacturing firms have experienced cyber attacks impacting production and energy supply over the past 12 months.

“The research also found that:
  • 40 percent of respondents could not block the initial attack.
  • 48 percent of those who say there have been some disruptions do not always make improvements to minimize future cyber risks.
  • Future investments in cloud systems (28 percent) and private 5G deployments (26 percent) were the top two drivers of cybersecurity among respondents.
  • The OT security function tends to be less mature than IT on average in terms of risk-based security.

“The addition of cloud, edge and 5G in the mixed IT and OT environments has rapidly transformed industrial operations and systems. Organizations must stay ahead of the curve and take security measures to protect business assets. Improving risk and threat visibility is a curtail first step to a secure industrial cloud and private network."

This video describes ICS/OT situational awareness and asset visibility:
You can get the full Trend Micro survey report for 2022 here: https://resources.trendmicro.com/IoT-survey-report.html

Also, I like this Accenture OT and ICS security video covering “the art of the possible:”

CYBER INDUSTRY ASKS AGAIN: IS THE 'BIG ONE' COMING?


Just like earthquake discussions in California, it seems like we keep coming back to questions surrounding whether a cyber 9/11 or a cyber Pearl Harbor is coming soon.

This article proclaims "China Could Unleash a Cyber-Pearl Harbor on America": “It is understandable that military analysts focus on Russia and the threat it poses to Ukraine. But when it comes to cyber, and in particular cyber defense and offense in space, we cannot forget that China is the leading threat. Lessons from the war against Ukraine may have only limited application to this more critical, longer-term struggle. …

“Unfortunately, we cannot assume that the cyber components of a conflict with China will resemble what we are seeing in Ukraine. Consider first of all that China has a $14.3 trillion economy, compared to Russia’s GDP of just $1.7 trillion at official exchange rates. While both countries have significant workforce technical skills, China has spent decades trying to copy and surmount the skills found in the United States and other highly advanced countries. It is a step behind the United States, Japan, Taiwan and our other peers in semiconductors, supercomputers and avionics — but only just a step.”

FINAL THOUGHTS


You may be wondering: Is this is a new topic for "Lohrmann on Cybersecurity"?

The answer is no, and here are just a few of the previous blogs where I covered this critical infrastructure protection topic:

I expect this topic is not going away over the next decade.

In fact, despite the lack of a Colonial Pipeline-type event in 2022 so far, cyber attacks against critical infrastructure are quietly rising around the world.
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.