The news this week was full of cyber-attacks and system breaches, from the FBI warning us of impending attacks and strategic efforts to sabotage critical infrastructure to the recent cyber-attack on Fulton County, GA and the efforts to get their systems up and running again.
And in an unprecedented move, the Cybersecurity and Infrastructure Security Agency (CISA) has demanded federal agencies disconnect all instances of the Ivanti Connect Secure and Ivanti Policy Secure products by the end of today.
These events are not connected, but it does seem that China’s state-sponsored Volt Typhoon is causing a lot of concern for US infrastructure. There is a new class of attacks that use the system’s native environment, and it should have us all concerned. These new techniques allow attackers to invade systems without malware or other detectable exploits. This means we need new ways to detect the undetectable. Zero Trust and Asset Management are going to be key in how we handle the unknown.
To make matters worse, we also must prepare our systems to defend against attackers’ use of artificial intelligence that will speed up their processes and decision-making options.
We must arm ourselves with knowledge or leverage those in the industry to help us keep up. Today is not like watching others and learning from their mistakes. We are beyond learning experiences. We don’t even know if the enemy is already inside the walls waiting for a trigger to wreak havoc on our systems from the inside. Due diligence is critical, not only to support our external robustness in thwarting current and persistent bombardment, but also to protect our infrastructure from what we don’t know that may already be within.
We can’t wait for a water plant to become poisonous or for a power grid to go down indefinitely. We must prepare now. We need to assess our environment and know where we need to focus our efforts.
We understand that most critical infrastructure facilities and plants are not eager to have a third party review them. However, the concern is that we cannot expect the facilities’ administration to be aware of the new threats and new sophisticated techniques that are being directed toward them by foreign adversaries. Even our own underfunded government agencies, such as the EPA, know the issues but are ill-equipped to help the masses. We need to look towards our commercial expertise to cover as much ground as we can and stay vigilant in our efforts to reduce the detection time and response to incidents, especially with infrastructure that would change the focus of protecting our country.
Duffy Compliance Services has conducted cybersecurity assessments for several organizations and agencies across the country. If you’re involved with critical infrastructure and want to discuss how to better protect your assets, let’s have a discussion.