An Introduction to Critical Infrastructure and Previous Cyber Disasters

No matter where you look, it is hard to find an industry that cybersecurity threats have not impacted. All organizations risk being hacked, from hospitals and schools to financial institutions and transportation networks. However, some sectors are more critical than others and require extra attention when protecting against cyberattacks. Here are 16 of the most vital sectors that need your cybersecurity protection.

Who defines critical infrastructure sectors, and how do they operate?

The National Infrastructure Protection Plan (NIPP) 2013 strategy and concepts support the Department of Homeland Security in its execution of Presidential Policy Directive 21, which instructs the federal government to work together to improve and preserve secure, functioning, and resilient critical infrastructure.

The NIPP identifies 16 critical infrastructure sectors, whether physical or virtual, that are so important to the United States that their incapacitation or destruction would significantly impact national security, economic security, public health and safety, or any combination of these.

1. Chemical industry

The chemical industry is a significant segment of US economic activity. It produces, processes, and ships chemicals, products that are considered potentially toxic. The industry's facilities fall into four core functional areas: plant manufacturing, transportation systems, warehousing, and storage solutions. Many other foundational areas are affected as well, and chemical companies are becoming targets of cyberattacks.

In May 2021, after being hacked with malware, a chemical distribution business called Brenntag paid a ransom of $4.4 million in Bitcoin to the DarkSide ransomware gang. The attackers threatened to release stolen data publicly if the ransom, which also covered a decryptor for the encrypted files, was not paid. So Brenntag paid up.

2. The Communications Sector

Communications are a fundamental component of the US economy and underpin the operations of all government agencies and private sector groups. Presidential Policy Directive 21 recognizes communications as vital, as they provide an “enabling function” across the basic infrastructure.

The communications sector includes telecommunications, internet, postal services, and broadcast media. Moving into 5G infrastructure presents a new set of cybersecurity risks for telecommunications companies as well as the devices that will connect to 5G networks.

In the first quarter of 2022, telecommunications companies saw a marked increase in distributed denial of service (DDoS) attacks. According to Lumen’s report, there was a 32% year-on-year jump in DDoS attacks.

In December 2020, a cyberattack on the United States Postal Service (USPS) disrupted email systems for two weeks. The attack was carried out by a group of Russian hackers called Cozy Bear, and it is believed that the attack was in retaliation for the US sanctions placed on Russia after its interference in the 2016 election.

3. The Critical Manufacturing Sector

Critical manufacturing is vital to America’s economic success. A cyberattack could immediately damage the fundamental capacities of national and international sectors. The sector includes metals, machinery, automobile, and electrical equipment manufacturers.

In December 2020, a ransomware attack hit the world’s largest meatpacking company, JBS. The attack crippled operations at JBS plants across Australia, Canada, and the United States, causing a shortage of beef. The hackers demanded a $3.2 million ransom in Bitcoin, and JBS paid the ransom to prevent further damage.

4. Commercial Facilities Sector

The commercial facilities sector includes various buildings and venues that host events, including sports stadiums, arenas, convention centers, and performing arts venues.

In May 2021, it was revealed that the FBI was investigating a data breach at Ticketmaster that affected more than 9 lakh customers. The breach occurred between February and June 2018, and it is believed that the hackers gained access to Ticketmaster’s systems through a third-party vendor.

5. The Dams Sector

The Dams Sector provides essential water maintenance and control services in the United States, including municipal and industrial water supplies, agricultural water systems, silt, surge control, and stream and inland transport routes.

Iran-led cyberattacks were carried out on the US-based Rye Brook Dam in New York.

The hackers accessed industrial controls at the dam but were unable to release water from it because of scheduled maintenance. Otherwise, a disaster would have been only a simple click away.

6. The Energy Sector

The energy sector is typically divided into three separate categories: electricity, petroleum, and natural gas. The energy sector is highly automated, with pipeline operators, terminal owners, and natural gas utilities relying on sophisticated computerized energy management systems. Without a steady electricity supply, our well-being is undermined and our nation is unable to thrive. In the recent past, attacks on industrial control systems (ICS) in the energy sector have become more specialized.

In December 2015, Ukrainian utility Prykarpattyaoblenergo was hit by a cyberattack that took down its network and caused a blackout for 225,000 people. The attack was carried out by a group of Russian hackers called Sandworm, and it is believed that the attack was in retaliation for the Ukrainian government’s decision to move away from Russia and toward the European Union.

In 2016, the Ukrainian government reported that Russian hackers had attempted to attack its power grid more than 6,000 times in the previous year.

7. The Emergency Services Sector

The Emergency Service Sector (ESS) provides emergency preparedness and recovery services throughout daily operations. This sector is responsible for the safety and security of first responders and the public during an emergency.

The following are the disciplines that ESS covers:

– Law enforcement

– Fire and rescue services

– Emergency and medical services

– Public works

In December 2020, a ransomware attack on Pensacola, Florida, disrupted the city’s 911 dispatch system.

The attack forced dispatchers to use a backup plan, and it took several days for the town to recover from the attack. In the United States, police and fire departments have been victims of recent ransomware hacks such as WannaCry. It’s disturbing since citizens rely on these critical functions daily.

8. The Defense Industrial Base Sector

The Defense Industrial Base Sector (DIB) is a modern industrial complex that drives innovation and maintains military weapons systems, subsystems, and components. The DIB consists of several important industry segments, most of them privately held. Several nation-states use espionage in cyber warfare, and stealing sensitive information is widespread in cyber terrorism. The sector also provides the supplies and services needed to support military operations.

The SolarWinds cyberattack compromised the networks of many government agencies, including the Department of Defense (DoD). The DoD was one of the 18 federal civilian agencies hit by the attack.

9. The Financial Services Sector

Our banking sector is committed to protecting our most important economic resources. A vast range of risks threatens the industry, and these are a major threat to the U.S. financial sector. Cybercrime of every type is frequently used to target the financial sector for monetary gain. The latest Equifax credit reporting breach is considered a critical infrastructure breach.

The massive data breach affected 145.5 million people in the U.S., and it exposed sensitive information such as social security numbers, birthdates, addresses, and driver’s license numbers.

10. The Food and Agriculture Sector

The Food and Agriculture Sector (FAS) produces, processes, and distributes the food we eat every day.

In December 2020, a ransomware attack on JBS USA, one of the world’s largest meatpacking companies, forced the company to shut down its U.S. beef plants for a day. The attack sent shockwaves through the food industry, as JBS supplies about 25% of all beef consumed in the United States.

In May 2021, a ransomware attack on Colonial Pipeline, one of the largest fuel pipelines in the United States, caused a shutdown of the pipeline for several days. The attack led to fuel shortages and panic buying at gas stations across the eastern United States.

These attacks show that the food and agriculture sector is a significant target for cybercriminals. The industry is critical to the functioning of our society, and any disruption can substantially impact American citizens’ lives.

11. The Healthcare and Public Health Sectors

The Healthcare and Public Health Sector (HPH) provides healthcare services and promotes public health. The HPH sector includes hospitals and clinics. The sector's assets are primarily privately held, which requires coordination and information sharing between the public and private sectors. Its main goal is to improve the national healthcare system.

In August 2020, three nation-state actors maliciously targeted seven prominent companies researching vaccines and treatments for COVID-19. These actors used various techniques to access the companies’ systems, including spear phishing and password spraying. The attackers were likely looking for information to give them an advantage in the race to develop a vaccine or treatment for COVID-19. The intended victims were companies and researchers in Canada, France, Korea, and the United States. The attacks were carried out by Strontium (a group with ties to Russia) and two North Korean groups, Zinc and Cerium.

12. The Information Technology Sector

The Information Technology Sector (ITS) is critical to the smooth functioning of the U.S. economy. The ITS sector includes computer hardware and software, telecommunications, and information security.

In December 2020, SolarWinds announced that its network management software had been compromised by a sophisticated cyberattack. The attack allowed the attackers to gain access to the networks of SolarWinds’ customers, which include some of the biggest names in the tech industry, such as Microsoft, Amazon, and Google. The attackers also gained access to the U.S. government’s network, including the Department of Homeland Security and the Pentagon. The SolarWinds attack is considered one of the most sophisticated and far-reaching cyberattacks in history.

13. The Nuclear Reactors, Materials, and Waste Sector

The nuclear sector encompasses nuclear power plants, research, and test reactors, as well as radioactive materials utilized in medical and industrial settings. This also includes radioactive waste management and fuel cycle facilities.

Hackers pose a major threat to nuclear power plants. A U.S. nuclear plant has had a data breach, though its vital infrastructure was not affected. Even when hackers cannot reach critical infrastructure directly, they can gain data that is later exploited to gain control. This could result in even more dangerous attacks.

14. Transportation Systems Sector

The transportation sector includes all modes of transportation, including air, rail, water, and highway. The sector also includes the infrastructure that supports these transportation systems, such as airports, seaports, and pipelines.

In February 2020, the U.S. Department of Transportation (DOT) released a cyber security framework for the transportation sector. The framework is designed to help transportation companies and agencies identify and address cyber threats.

15. The Government Facilities Sector

The government facilities sector includes all buildings and property owned or leased by the federal government. This sector also includes the infrastructure that supports these facilities, such as power and communication systems.

In July 2020, the U.S. General Services Administration (GSA) announced that it had been the victim of a data breach. The GSA is responsible for managing the government’s buildings and property. The data breach affected the personal information of more than 4,000 GSA employees.

16. The Water and Wastewater Systems Sector

The water and wastewater sector includes all public and private systems that provide water and treat sewage. This sector also includes the infrastructure that supports these systems, such as reservoirs, treatment plants, and pipelines.

In March 2020, the U.S. Environmental Protection Agency (EPA) released a cyber security framework for the water and wastewater sector. The framework is designed to help water and wastewater companies and agencies identify and address cyber threats.

These are 16 critical sectors of infrastructure that need cybersecurity protection. By understanding the risks and vulnerabilities associated with each sector, organizations can take steps to mitigate those risks and prevent attacks. Cybersecurity is a shared responsibility, and it is essential for everyone to do their part in protecting the nation’s critical infrastructure.

Why is it so critical to safeguard the important sectors of infrastructure?

The importance of safeguarding these sectors cannot be overstated. It is crucial to have robust policies to protect them from cyberattacks and other threats. The U.S., Israel, Russia, China, and North Korea are the most significant countries involved in cyberattacks against critical infrastructure sectors. An efficient and effective response to these attacks must be in place so that different countries and private businesses can have the confidence necessary to invest in a country’s critical infrastructure.

Where to start the protection of Critical Infrastructure

There is no one-size-fits-all answer to this question. Each country’s critical infrastructure will have different vulnerabilities that must be addressed. However, some general tips on how to protect important infrastructure sectors include:

– Awareness and training: Employees should be made aware of the importance of cybersecurity and the potential threats that exist. They should also be trained on how to identify and report suspicious activity.

– Security controls: Security controls should be implemented at all levels of the organization, from the boardroom to the front line.

– Regular testing and monitoring: Regular testing of security controls is essential to ensure they are effective. Monitoring should also be conducted regularly to identify any new or emerging threats.

– Response plans: Response plans should be in place so that organizations know how to deal with a breach if one occurs. These plans should be regularly updated and tested.

 

Make the initial move in changing your cybersecurity program by taking this first step.

Businesses are changing, and security teams are evolving to meet new business demands. Cetark is well-positioned to be your company’s trusted advisor in cybersecurity because of our Security Operations Centers and Network Operations Centre, as well as a focused team of security experts. We’ll educate you on risk exposure, enhance your visibility and ROI, and proactively look for new threats.

 

 
