Page 27 - Cyber Defense eMagazine January 2024

lights can be turned on at the flip of a switch or that the faucet at home never runs dry could be threatened without safeguarding attack vectors to prevent successful cyberattacks.



Feeling the Ripple Effect

While critical infrastructure may often be the target for malicious adversaries attempting to disrupt key services and day-to-day living, the ripple effect that comes from any organization facing a cyberattack can be widely felt. The initial target can often be just the starting point.

The recent conflict in Ukraine has become a case study in how interdependent organizations that rely upon shared services have become. A successful bid to render ViaSat’s commercial satellite KA-SAT network inoperable to achieve military objectives produced a ripple effect that spread into adjacent critical infrastructure domains, causing a loss of critical public services in 2022. The same satellite services that supported Ukraine’s military also supported European wind power generation, and their loss caused the shutdown of over 5,000 wind turbines in Germany that have a total power output of 11 gigawatts.

The ransomware attack on Colonial Pipeline in 2021 was an example within the U.S. of what can happen when critical infrastructure operations are severely impacted. The attack resulted in the pipeline’s digital systems being shut down for several days, halting a vital U.S. oil pipeline. Consumers and airlines alike were affected by the shutdown, which resulted in President Joe Biden declaring a state of emergency. The attack was named the largest publicly disclosed cyberattack against critical infrastructure within the U.S. to date.

The purpose of the Colonial Pipeline attack was to collect a ransom, but ultimately it led to a significant disruption to critical services that affected a large portion of the U.S. population. In both the Ukraine and Colonial Pipeline incidents, the effect of the cyberattacks extended well beyond the attacker’s intentions. Given the many cyber interdependencies that exist, owners of critical infrastructure must prepare to be resilient to cyber incidents, even when not the intended target.

Another factor that is expanding the universe of attack vectors is the dramatic increase in remote work. Such work was required during the COVID-19 pandemic and launched a trend in decentralized workforces that is apparently here to stay. Owners and operators of critical infrastructure also had to adapt to these realities, enabling more remote access to operational control networks than ever before. Such an increase in access, especially for critical infrastructure assets, led to greater flexibility but also gaps in cybersecurity. With remote workers accessing crucial data, these individuals may have their own routers and configuration systems installed to complete work, resulting in unknown and unmonitored communications pathways to the OT environment. It’s difficult to secure or monitor data communications pathways in and out of a critical system if the asset owner doesn’t know these attack vectors exist.

In summary, cyber adversaries are leveraging these trends (the expanding number of vectors, including satellite and wireless communication networks, the growing shared dependence on third-party vendors, and the increasing number of network access points needed to accommodate remote workers), which is making critical infrastructure harder to defend from cyber incidents that result in downtime for key services.




            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.