Intelligent CISO Issue 46 | Page 28

Editor’s question

A new generation of more sophisticated and well-funded attackers from nation states and large cybercrime affiliate networks view critical infrastructure as more vulnerable than traditional IT networks because of the damage it can inflict on the business, the economy, or even a whole country.

Further, ransomware payments for successful attacks against critical sites have climbed into the tens or hundreds of millions of dollars each.
The vulnerability of critical infrastructure is well known. Its operational networks have traditionally been unreachable – or air-gapped – from IT users and the outside Internet, meaning security is not top of mind within their design.
However, the proliferation of Digital Transformation and automated processes means they can now easily be accessed by remote users and applications directly through Wi-Fi, cellular or local area networks.
Many aging legacy environments have technical requirements that make them ill-suited for traditional IT security solutions, such as bandwidth and communication constraints, proprietary protocols and a lack of current research into common system vulnerabilities.
Industrial Internet of Things (IIoT) devices are playing a larger role in critical infrastructure, including surveillance cameras and process sensors which run low-power, low-cost operating systems without the security posture and features of IT laptops and servers.
And with potentially devastating consequences for bringing down a critical infrastructure provider, the geopolitical or monetary benefits to a potential attacker provide a strong motive.
But governments worldwide are starting to act. In the US, funds are being allocated – along with guidelines and mandates – to shore up the nation’s cyberdefences in critical industries, starting with the utility and oil and gas sectors.
Globally, law enforcement organisations like Interpol, Europol and the FBI are collaborating to take down massive international ransomware gangs, seize funds and recover data.
But how can critical infrastructure providers best respond to mitigate potential future damage?
Nozomi Networks Labs’ semiannual report on the state of critical infrastructure cybersecurity covers emerging attack trends and remediation tactics from the second half of 2021.
Recommendations include deploying network segmentation as a way to contain the spread of malware, and a Zero Trust network philosophy to limit malicious activity in a more connected world. Organisations should also look to reduce the available attack surface by removing known vulnerabilities, seldom-used services and applications, and reducing the number of credentialed users that can access systems.
Finally, improving network reconnaissance and monitoring with an understanding of normal process activity can help quickly identify potential threats and correlate anomalies to more efficiently prioritise alerts and remediation efforts.
A multi-pronged approach to cybersecurity, including knowing devices on your network, what versions of software and third-party libraries they are running with known vulnerabilities, and who or what they are communicating with, is vital to staying ahead of emerging threats in 2022 and beyond. This is the year to not get left behind.

Gary Kinghorn, Senior Director Product Marketing at Nozomi Networks
