Why Attacks on Critical Infrastructure Are Dangerous<\/h1>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t\t\t

Critical Infrastructure (CI) comprises physical and cyber assets vital for the smooth functioning of societies and nations across the globe. The sectors that make up critical infrastructure differ from one country to another. For example, the USA considers 16 sectors to be vital as opposed to 13 in the UK. The disruption or damage of CI can have severe direct and indirect effects.<\/p>

So far, cybercriminals seeking crypto payouts were propagators of attacks on critical infrastructure. But what happens if a threat actor has plans beyond a quick payday?<\/strong> What if an <\/strong>attack creates chaos by eliminating critical infrastructure to harm a region or country? <\/strong><\/p>

Attacks on CI could eventually devastate the livelihoods of millions of people and even bankrupt companies. Experts listed cyberattacks on CI as a top concern in 2020, and this trend is estimated to persist into and beyond 2021.^{1 <\/sup>In the interest of national and global security, CI facilities must take proper measures to prevent threat actors from accessing their networks.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t}

\n\t\t\t\t

\n\t\t\t

Attacks Are Widespread<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t\t\t

Attacks on CI are becoming increasingly common topics of discussion on news channels as highly publicized cases, such as the ones mentioned below, rattle businesses and communities. It\u2019s a scary situation and emphasizes how prepared you should be.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t

1.\tColonial Pipeline<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t\t\t

In May 2021, the mammoth pipeline system for refined oil in the U.S. \u2014 Colonial Pipeline \u2014 was hit by a cyberattack that stemmed from a single compromised credential. The result? Colonial Pipeline\u2019s gasoline distribution to the East Coast was shut down for nearly a week.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t

2.\tJBS SA<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t\t\t

The largest meat processing company in the world, JBS SA, fell victim to a cyberattack a few weeks after the Colonial Pipeline breach. The attack forced the company to halt production at its U.S. beef plants while operations in Australia and Canada were also hit.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t

3.\tThe Health Service Executive (HSE) Hack<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t\t\t

The HSE (Ireland) had to temporarily shut down its IT systems following a cyberattack. What makes this CI attack so disturbing is that it happened during the pandemic when health systems were buckling.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t\t\t

Other well-known cases include the attacks on NSW\u2019s State Transit Authority (Australia), Israel\u2019s Water Authority, and Air India.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t

\n\t\t\t

Know the Threat Actors<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t\t\t

To avoid the unpleasant experience of a CI attack, here are some major threats to prevent:<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t\t\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\t\tPhishing\t\t\t\t\t\t\t<\/h3>\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t\t

\n\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\tPhishing\t\t\t\t\t\t<\/h3>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\tExperts have estimated that an alarming 75% of organizations in the U.S. experienced a phishing attack in 2020.2 Phishing through email occurs when malicious actors masquerading as genuine senders lure users into sharing credentials and sensitive information. \t\t\t\t\t\t<\/div>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t

\n\t\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t\t\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\t\tUnpatched vulnerabilities\t\t\t\t\t\t\t<\/h3>\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t\t

\n\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\tUnpatched vulnerabilities\t\t\t\t\t\t<\/h3>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\tUnpatched vulnerabilities let cybercriminals run malicious code by exploiting an unpatched bug. In 2020, about half of CI operators reported unpatched vulnerabilities as the cause of cyberattacks.3\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t\t\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\t\tDistributed Denial of Service (DDoS)\t\t\t\t\t\t\t<\/h3>\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t\t

\n\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\tDistributed Denial of Service (DDoS)\t\t\t\t\t\t<\/h3>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\tA DDoS attack on your network or server will overwhelm it with traffic, thus disrupting the service. A recent study reported over 2.9 million DDoS attacks in the first quarter of 2021. Compared to 2020, that is an increase of over 30%.4\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t

\n\t\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t\t\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\t\tSQL injection\t\t\t\t\t\t\t<\/h3>\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t\t

\n\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\tSQL injection\t\t\t\t\t\t<\/h3>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\tA SQL injection is an attack vector that injects malicious SQL code into vulnerabilities and can even destroy databases. Over 30% of CI operators reported SQL injection as the cause of a breach.3\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t

\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t

\n\t\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t\t\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\t\tCross-site scripting\t\t\t\t\t\t\t<\/h3>\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t\t

\n\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\tCross-site scripting\t\t\t\t\t\t<\/h3>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t

\n\t\t\t\t\t\t\tAlso known as XSS, cross-site scripting is a method of executing malicious scripts on a legitimate website. Almost 20% of CI operators reported falling for this attack vector.3\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t

\n\t\t\t

\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t

\n\t\t\t

How to Tackle These Attacks<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t

Secure Remote Access<\/h6>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t\t\t

Remote access, if not secured, could provide a freeway for cybercriminals. Therefore, it\u2019s vital to have network firewalls, endpoint protection, good password hygiene, etc.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t

Create Asset Inventory<\/h6>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t\t\t

You can\u2019t protect what you don\u2019t know needs protection.<\/span> That\u2019s why it\u2019s essential to have an asset inventory. <\/span>With an updated inventory of all your network assets, you can <\/b>implement strategies to ramp up security.<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t

Identify and Patch Vulnerabilities<\/h6>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t\t\t

Many Operational Technology (OT) and IoT devices that operate within industrial networks aren\u2019t secure enough to be part of a critical infrastructure environment. By deploying tools to identify system vulnerabilities, it\u2019s possible to find risky devices, sort them based on their level of risk and then recommend firmware updates.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t

Detect Anomalies <\/h6>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t\t\t

Automated detection solutions backed by artificial intelligence can easily track anomalies and other minor suspicious changes within the network.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t

Combine OT and IT Networks<\/h6>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t\t\t

Security risks of connected industrial control systems fall when OT and IT networks are managed together as part of a unified operational platform.<\/p>

Managing all these single-handedly may seem like a tedious process, but we can take all the hassle away and help you ramp up your business\u2019 security posture. Contact us to learn more about protecting your CI, or download our free infographic to learn more about this topic.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t\t\t

\n\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\tDownload<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t\t\tSources:\n \t

2020 Global Risks Report, WEF<\/li>\n \t

Statista<\/li>\n \t

edu<\/li>\n \t

DarkReading<\/li>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

Critical Infrastructure (CI) comprises physical and cyber assets vital for the smooth functioning of societies and nations across the globe. The sectors that make up critical infrastructure differ from one country to another. For example, the USA considers 16 sectors to be vital as opposed to 13 in the UK. The disruption or damage of CI can have severe direct and indirect effects.<\/p>\n","protected":false},"author":2,"featured_media":2889,"comment_status":"closed","ping_status":"open","sticky":false,"template":"elementor_header_footer","format":"standard","meta":{"ocean_post_layout":"","ocean_both_sidebars_style":"","ocean_both_sidebars_content_width":0,"ocean_both_sidebars_sidebars_width":0,"ocean_sidebar":"0","ocean_second_sidebar":"0","ocean_disable_margins":"enable","ocean_add_body_class":"","ocean_shortcode_before_top_bar":"","ocean_shortcode_after_top_bar":"","ocean_shortcode_before_header":"","ocean_shortcode_after_header":"","ocean_has_shortcode":"","ocean_shortcode_after_title":"","ocean_shortcode_before_footer_widgets":"","ocean_shortcode_after_footer_widgets":"","ocean_shortcode_before_footer_bottom":"","ocean_shortcode_after_footer_bottom":"","ocean_display_top_bar":"default","ocean_display_header":"default","ocean_header_style":"","ocean_center_header_left_menu":"0","ocean_custom_header_template":"0","ocean_custom_logo":0,"ocean_custom_retina_logo":0,"ocean_custom_logo_max_width":0,"ocean_custom_logo_tablet_max_width":0,"ocean_custom_logo_mobile_max_width":0,"ocean_custom_logo_max_height":0,"ocean_custom_logo_tablet_max_height":0,"ocean_custom_logo_mobile_max_height":0,"ocean_header_custom_menu":"0","ocean_menu_typo_font_family":"0","ocean_menu_typo_font_subset":"","ocean_menu_typo_font_size":0,"ocean_menu_typo_font_size_tablet":0,"ocean_menu_typo_font_size_mobile":0,"ocean_menu_typo_font_size_unit":"px","ocean_menu_typo_font_weight":"","ocean_menu_typo_font_weight_tablet":"","ocean_menu_typo_font_weight_mobile":"","ocean_menu_typo_transform":"","ocean_menu_typo_transform_tablet":"","ocean_menu_typo_transform_mobile":"","ocean_menu_typo_line_height":0,"ocean_menu_typo_line_height_tablet":0,"ocean_menu_typo_line_height_mobile":0,"ocean_menu_typo_line_height_unit":"","ocean_menu_typo_spacing":0,"ocean_menu_typo_spacing_tablet":0,"ocean_menu_typo_spacing_mobile":0,"ocean_menu_typo_spacing_unit":"","ocean_menu_link_color":"","ocean_menu_link_color_hover":"","ocean_menu_link_color_active":"","ocean_menu_link_background":"","ocean_menu_link_hover_background":"","ocean_menu_link_active_background":"","ocean_menu_social_links_bg":"","ocean_menu_social_hover_links_bg":"","ocean_menu_social_links_color":"","ocean_menu_social_hover_links_color":"","ocean_disable_title":"default","ocean_disable_heading":"default","ocean_post_title":"","ocean_post_subheading":"","ocean_post_title_style":"","ocean_post_title_background_color":"","ocean_post_title_background":0,"ocean_post_title_bg_image_position":"","ocean_post_title_bg_image_attachment":"","ocean_post_title_bg_image_repeat":"","ocean_post_title_bg_image_size":"","ocean_post_title_height":0,"ocean_post_title_bg_overlay":0.5,"ocean_post_title_bg_overlay_color":"","ocean_disable_breadcrumbs":"default","ocean_breadcrumbs_color":"","ocean_breadcrumbs_separator_color":"","ocean_breadcrumbs_links_color":"","ocean_breadcrumbs_links_hover_color":"","ocean_display_footer_widgets":"default","ocean_display_footer_bottom":"default","ocean_custom_footer_template":"0","_jetpack_memberships_contains_paid_content":false,"ocean_post_oembed":"","ocean_post_self_hosted_media":"","ocean_post_video_embed":"","ocean_link_format":"","ocean_link_format_target":"self","ocean_quote_format":"","ocean_quote_format_link":"post","ocean_gallery_link_images":"off","ocean_gallery_id":[],"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[12],"tags":[],"class_list":["post-2886","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-legal","entry","has-media"],"jetpack_publicize_connections":[],"aioseo_notices":[],"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"https:\/\/i0.wp.com\/agcomtech.com\/wp-content\/uploads\/2021\/08\/Security-August-2021-Ad-8.png?fit=1200%2C675&ssl=1","_links":{"self":[{"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/posts\/2886","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/comments?post=2886"}],"version-history":[{"count":10,"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/posts\/2886\/revisions"}],"predecessor-version":[{"id":2900,"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/posts\/2886\/revisions\/2900"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/media\/2889"}],"wp:attachment":[{"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/media?parent=2886"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/categories?post=2886"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/tags?post=2886"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}