Page 42 - Cyber Defense eMagazine June 2024
Our nation's critical infrastructure must be resilient to withstand and recover from these cyber disruptions.
So, what are we doing about it?
Presidential Policy Directive 21 (PPD-21) advanced national policy to focus on the resiliency of the US
critical infrastructure sectors. The Directive outlined the 16 essential infrastructure sectors whose assets,
systems, and networks, whether physical or virtual, are considered so critical to the US that disruption
would have a debilitating impact on national security, national economic security, national public health
or safety, or any combination thereof. Additionally, the recent publication of the National Security
Memorandum on Critical Infrastructure Security and Resilience addressed our national vulnerabilities
and created strategies to confront insidious cyber threats that have taken center stage from a national
security standpoint.
These cybersecurity measures are essential to safeguard these infrastructure sectors from exploitation
and disruption. Additionally, many critical infrastructure sectors are interconnected and interdependent.
A disruption in one industry can have cascading effects on others. For example, a cyberattack on a power
grid could impact transportation systems, communication networks, and healthcare facilities.
Let's examine a few incidents impacting the US infrastructure:
• For two days in August 2003, the US and Canada suffered one of the worst power outages in
history, with over 50 million customers without power. It was concluded that the main cause of
the outage was a “software bug,” not cyber terrorism. However, the US Department of Energy
and Canada’s Ministry of Natural Resources created a task force to conduct a deep dive into the
outage and provide recommendations on how to ensure similar outages don’t occur again. The
final report stated that “procedural vulnerabilities were compounded by inadequate, out-of-date
maintenance contracts.” Over 20 years later, the vulnerabilities that the report detailed still exist
across the US electrical grid, and cyber criminals' sophistication has significantly increased.
• In May 2021, the US suffered one of its most significant critical infrastructure cyber-attacks: the
Colonial Pipeline ransomware attack. The attack shut down Colonial Pipeline for five days, 45%
of pipeline operators were impacted, panic buying ensued across the southeastern US, and
significant supply chain disruptions were felt to an already strained system due to the COVID-19
crisis. The Colonial Pipeline attack highlighted the lack of government regulation when it came to
reporting a cyber-attack on critical infrastructure and the lack of transparency to the US consumer
once an attack occurred. The Colonial Pipeline attack led to the passage of the Strengthening
American Cybersecurity Act (SACA), which created a reporting protocol and increased the
threat monitoring responsibilities of the Cybersecurity & Infrastructure Security Agency (CISA).
• Finally, in early February 2024, over 70,000 AT&T customers were left without cell service, and
multiple 911 call centers were out of service for close to eight hours due to a “technical error.”
Over 70% of the US population relies on a cell phone as their primary mode of communication.
Imagine a threat actor recreating a similar “technical error” throughout all cell phone networks in
the US for several days.
Safeguarding our critical infrastructure requires a comprehensive and proactive approach involving
collaboration, innovation, and continuous improvement in preparedness and response capabilities for the
US to stay a step ahead of the cybersecurity threat.
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.