May 10, 2021
Recent high-profile cyber attacks on the critical infrastructure sector have exposed the industry as vulnerable and as a prime target for sophisticated cyber actors, and have shown how costly and widespread the outcomes of an incident can be. These attacks serve as a reminder of the importance of implementing proper cybersecurity controls in advance and of maintaining an up-to-date, tested incident response plan to manage incidents quickly and effectively when they occur. However, due to the complexity and interdependencies of hyperconnected digital and physical assets in critical infrastructure, the coordination required to mitigate risk and respond to incidents can be challenging.
Threats Facing the Critical Infrastructure Sector
- Ransomware
- Nation-state attacks
- Distributed Denial of Service attacks
- Phishing
- Data breaches
- Insider threats
Given the significant risk potential, FTI Cybersecurity encourages the critical infrastructure sector to take a proactive stance in mitigating cyber risks.
Actionable Recommendations
- Identify Industrial Control Systems (ICS) that may be running unpatched or end-of-life versions of operating systems.
- Update and patch operating systems and applications, if possible.
- If not possible, segregate end-of-life and unpatched systems from the rest of your production network.
- Train employees to identify and report attempts at social engineering.
- Ensure auditing, log aggregation, and monitoring are in place.
- Ensure Operational Technology (OT) and ICS are segmented from the rest of the network.
- Migrate ICS to modern operating systems.
- Use multi-factor authentication to deter malicious actors from accessing systems with compromised credentials.
- Test, review, and update your incident response plan to account for the current working conditions and cybersecurity threats.
- Test, review, and update your business continuity plan to account for cyber attacks that can compromise all versions of data, including backups.
For additional recommendations to mitigate cyber risks, refer to the recent joint cybersecurity advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI).
How We Can Help
We can work with your team to evaluate your specific needs and tailor solutions that enhance security and readiness to defend against the unique cyber risks facing your organization.
Our team has extensive experience in industrial systems, facilities, and operational processes with deep industry expertise derived from their backgrounds in government, military, and the private sector. We have a proven track record of harmonizing the technical, operational, legal, regulatory, reputational, and workforce components into workable solutions.