{"id":31149,"date":"2021-05-12T16:04:17","date_gmt":"2021-05-12T22:04:17","guid":{"rendered":"https://www.webroot.com/blog/?p=31149"},"modified":"2021-05-12T16:42:21","modified_gmt":"2021-05-12T22:42:21","slug":"targeted-assets-the-need-for-cyber-resilient-infrastructure","status":"publish","type":"post","link":"https://www.webroot.com/blog/2021\/05\/12\/targeted-assets-the-need-for-cyber-resilient-infrastructure\/","title":{"rendered":"Targeted assets: The need for cyber resilient infrastructure"},"content":{"rendered":"\n

Aging infrastructure in the United States is not confined to crumbling roads and bridges. Recent events have shown that connected devices in our pipelines, water treatment facilities and power grids are also vulnerable to exploitation.<\/p>\n\n\n\n

As of now, we still don\u2019t know much about the ransomware attack against the operators of the Colonial Pipeline. Details about how and when cybercriminals were able to compromise Colonial\u2019s network have yet to emerge. The FBI has confirmed that Darkside, a ransomware as a service (RaaS) group, was behind the attack but background on that group is about the only place where information is plentiful<\/a>. \u00a0\u00a0<\/p>\n\n\n\n

We still don\u2019t know if a ransom has been paid. Or if Colonial was able to completely isolate its operational network from its corporate systems \u2013 the intended target of the attack according to the company \u2013 or if Darkside could have bridged that gap.<\/p>\n\n\n\n

Based on the Darkside\u2019s own statements<\/a> and analyses of its past behavior, experts believe the attack wasn\u2019t intended to seriously disrupt the nation\u2019s gasoline supply or cause major harm to its critical infrastructure. But that\u2019s beside the point.<\/p>\n\n\n\n

It was enough for states of emergency to be declared up and down the Eastern seaboard and for the federal government to issue warnings to other utility providers to be on the lookout for similar attacks. \u00a0<\/p>\n\n\n\n

And this cyberattack against critical infrastructure is far from the first of its kind and unlikely to be the last. A 2019 attack on a power grid control center responsible for supplying several sites in the Western U.S. was considered a near miss in which the country got off easy<\/a>.<\/p>\n\n\n\n

Early this year, remote access software at a water treatment facility in Oldsmar, Florida was compromised and hackers used the access to attempt to increase the concentration<\/a> of a tissue-damaging chemical normally used to prevent the corrosion of pipelines. Only an attentive employee and the delay needed to get the added chemical into the water supply prevented serious harm.<\/p>\n\n\n\n

The sorry state of cybersecurity in U.S. critical infrastructure is well-known within the industry<\/a>. The rise of the Internet of Things (IoT) isn\u2019t limited to the consumer sector. These devices help with automation and make industrial control systems (ICSs) smarter than they\u2019ve ever been before, but cybersecurity is often an afterthought in their design if it\u2019s one at all. One source claimed it was communication between an ICS and Colonial\u2019s corporate networks, responsible for simplifying the billing process, that caused concern about the attack spreading to operational systems.<\/p>\n\n\n\n

Making more cyber resilient infrastructure<\/strong><\/p>\n\n\n\n

After several shots across the bow have luckily not resulted in direct hits, what can we do to bring about a hardening of U.S. infrastructure cybersecurity? How can we prevent a replay of the 2017 attacks<\/a> against Ukraine\u2019s power grid from happening here?<\/p>\n\n\n\n

Here are a few suggestions:<\/p>\n\n\n\n