
February 26 2020

Protecting Critical Infrastructure Begins with Cybersecurity

Most industries today, and their critical infrastructure, rely heavily on the Internet for everything. The growth of online services and operations across industries has led to an increase in security threats and malicious activity. Critical infrastructure, like power generation and distribution, is becoming more complex and more reliant on networks of connected devices. Just decades ago, power grids and other critical infrastructure operated in isolation. Now they are far more interconnected, both in terms of geography and across sectors.

Before we can dive into how to protect critical infrastructure from cyberattacks, it is important to define what critical infrastructure is. Critical infrastructure is a term used by governments to describe assets that are essential for the functioning of a society and economy. The facilities it covers include security services, public health, water supply and electricity generation.

The difficulties of securing critical infrastructure from attack centre on three key themes: the barriers to detection, the lack of security measures and the inherent vulnerability of infrastructure networks.

  • Difficulty of Detection

Most threats to critical infrastructure take the form of advanced persistent threats, which linger and accumulate for years without exposure. Since most critical infrastructure attacks are carried out by nation-state threat actors with resources and funds, most of the malware and attack vectors seen are highly sophisticated. Most malicious actors will endeavour to disguise the intrusion as part of usual customer traffic, making it difficult to expose or uncover. This means that the extent of the potential damage is not known.

  • Lack of Security Measures

Most attacks on critical infrastructure are possible due to weak protection mechanisms on the systems or through phishing emails. Most critical infrastructure operators are running out-of-date systems, and because of the scale of these networks it is difficult to transition these legacy systems to something less vulnerable. Without the appropriate security controls and patches, these infrastructures lack resilience and will be unable to ward off today’s advanced threats.

  • Weakness of Current Infrastructure

Many nations have built critical infrastructure in centralised ways. This creates a central point of failure where one intrusion point can have a ripple effect throughout. It’s time to rethink the current infrastructure integrations and dependencies.

Confidence in data and systems security is key if society is to benefit from the potential efficiencies that the “IoT” can bring. The aim of network analytics is to discover malicious activity inside logs of network traffic. Especially for critical infrastructure such as power plants, the presence of malicious activity can lead to the malfunction or even destruction of the underlying system.

Critical infrastructure operators must deploy network traffic analytics to baseline normal operation and configure alerting for when traffic deviates from what is expected. A solution like redborder would allow critical infrastructure operators to see where abnormalities in network traffic are taking place. Specifically, it would give IT professionals a window into where hackers are trying to penetrate the system and, more importantly, where they have broken in.
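One way to implement the baseline-and-alert approach described above, as an added example that is not from the original post or from redborder: it learns which conversations (source, destination, port) appear in a window assumed to be clean, along with their typical byte counts, then flags new conversations and volume outliers. The flow records, addresses, function names and threshold are constructed for illustration.

```python
from collections import defaultdict
from statistics import median

# Constructed sample flows (src, dst, dst_port, bytes); not real traffic.
BASELINE_FLOWS = (
    [("10.0.1.10", "10.0.2.20", 502, b) for b in (1180, 1210, 1195, 1202, 1188, 1215, 1199)]
    + [("10.0.1.11", "10.0.2.21", 20000, b) for b in (640, 655, 648, 652, 645, 650, 647)]
)
OBSERVED = [
    ("10.0.1.10", "10.0.2.20", 502, 1204),    # matches the baseline
    ("10.0.1.11", "10.0.2.21", 20000, 651),   # matches the baseline
    ("10.0.1.10", "10.0.2.20", 502, 48000),   # known peers, unusual volume
    ("10.0.1.10", "10.0.3.5", 445, 900),      # peer and port never seen before
]

def build_baseline(flows):
    """Per conversation, keep the median byte count and its median absolute deviation."""
    per_conv = defaultdict(list)
    for src, dst, port, nbytes in flows:
        per_conv[(src, dst, port)].append(nbytes)
    baseline = {}
    for conv, sizes in per_conv.items():
        med = median(sizes)
        mad = median(abs(s - med) for s in sizes)
        baseline[conv] = (med, max(mad, 1.0))  # floor avoids division by zero
    return baseline

def check_flow(baseline, flow, threshold=6.0):
    """Return None for expected traffic, or an alert string for a deviation."""
    src, dst, port, nbytes = flow
    conv = (src, dst, port)
    if conv not in baseline:
        return f"NEW_CONVERSATION {src} -> {dst}:{port}"
    med, mad = baseline[conv]
    score = abs(nbytes - med) / (1.4826 * mad)  # robust z-score
    if score > threshold:
        return f"VOLUME_DEVIATION {src} -> {dst}:{port} bytes={nbytes} score={score:.1f}"
    return None

def scan(baseline, flows):
    """Check every observed flow and return the alerts in order."""
    return [a for a in (check_flow(baseline, f) for f in flows) if a]

if __name__ == "__main__":
    for alert in scan(build_baseline(BASELINE_FLOWS), OBSERVED):
        print(alert)
```

A flow that stays inside an already-learned conversation and its normal volume range produces no alert here, which is the disguised-traffic case described under Difficulty of Detection; the baseline window also has to be free of intrusions for the result to mean anything.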

 
