In the U.S., the Biden administration will kick off an effort to protect the country’s water sector from cyberattacks. This move represents the latest attempt by the U.S. federal government to strengthen the digital defenses of the nation’s critical infrastructure.
This follows the U.S. government also moving ahead with a whole-of-government effort to counter ransomware, including disrupting ransomware infrastructure and actors.
The administration will formally extend President Biden’s “Industrial Control Systems Cybersecurity Initiative”, which was established in 2021 and which already includes the country’s electric system and natural gas pipelines, in order to encourage owners and operators of water and wastewater systems to improve their capabilities for identifying cyber threats to their networks.
To gain an insight into these developments, Digital Journal caught up with Mark Logan, Chief Executive Officer of LogRhythm.
Logan rates the risks to the U.S. economy as relatively high, noting: “Cyberattacks continue to be a tremendous threat to our nation’s [by which he means the U.S.] critical infrastructure like pipelines, electrical grids and water systems.”
He adds that the recent announcement presents a steppingstone towards improved security: “This move by the Biden Administration is a great first step in securing our nation’s water systems from cyberattacks. For example, a hacker attempted to poison water at a San Francisco Bay Area water treatment plant after gaining access to the plant’s network by using a former employee’s account credentials and then deleting programs that the water plant used to treat drinking water.”
This one incident may have been stopped, but others could follow due to out-of-date infrastructure. Here Logan says: “Over the past 20 years, industrial control systems have largely neglected operational technology and operational risk by air gapping data to compensate for deficiencies in network security and physically isolating platforms from unsecured networks. This means critical infrastructure operations are ripe with opportunities for bad actors to target and take down their systems.”
This places an onus on government and businesses to reform. Logan recommends: “Organizations in this sector must take action to secure their operations if they haven’t done so already, as this is a seriously overlooked attack vector that’s vital to the United States’ national security.”
Time is also of the essence, according to Logan: “Cyberattacks of this nature can impact citizens’ physical safety, and unfortunately, these types of attacks to our critical infrastructure are only growing. Any organization leveraging technology to enable operations for critical infrastructure needs to ensure proper protection protocols are established, ranging from simple password hygiene, threat detection, preventative controls and response controls to quickly thwart and identify potential catastrophes. Lagging detection and alerts can result in disaster if controls or data are obtained by domestic or foreign adversaries.”