Industrial Cyber Attacks
Industry
Reports
Utilities: Energy & Power, Water, Waste

Critical Infrastructure Security and Resilience Month Emphasizes Need for Cybersecurity

November 06, 2019
Critical Infrastructure Security

In 2017, the President’s National Infrastructure Advisory Council released a report addressing urgent cyber threats to critical infrastructure in the United States. The report concluded that the technical knowledge needed to launch an attack has greatly decreased over the past two decades, leaving the nation’s critical infrastructure security at increased risk.

According to the report, the U.S. Department of Homeland Security Industrial Control Systems Cyber Emergency Response Team  reported 290 cyber attacks on critical infrastructure control systems in fiscal year 2016.

The report also looked at the effects of cyber attacks on critical infrastructure around the globe. As far back as 2010 an attack on critical infrastructure disrupted Iranian nuclear facilities, resulting in the destruction of 984 uranium enrichment centrifuges.

Nearly a decade later, the threat is larger than ever. To highlight this growing risk, how government agencies are addressing it and how other parties can help, this month, the United States recognizes National Critical Infrastructure Security and Resilience Month.

“The Nation’s critical infrastructure (CI) relies on a highly interdependent environment, in which physical and cyber systems converge,” the Cybersecurity and Infrastructure Security Agency wrote in a November 1 release. “CI plays a vital role in keeping our Nation and communities safe and secure. Everyone is involved in the mission to protect CI and can help by using cybersecurity best practices, reporting cybersecurity incidents and phishing attempts, and submitting malware for review.”

[optin-monster-shortcode id=”dv4jqlr9fih8giagcylw”]

CISA is just one of the U.S.  government agencies emphasizing the need for cybersecurity as part of National Critical Infrastructure Security and Resilience Month. Several governmental offices have redoubled their cybersecurity efforts in light of ever increasing cyberattacks.

Among them is the Office of Electricity, which is focused on increasing the resiliency and reliability of the critical systems and assets of the bulk-power system. The OE has been working to develop a mix of technology and policy solutions while leading efforts to ensure the nation’s most critical energy infrastructure is secure and able to recover rapidly from disruptions.

“The disruption or destruction of these critical assets can negatively affect national and economic security, public health, safety, or a combination of all,” the OE wrote in a release this month. Our goal is to enhance resilience through preparedness and to promote investment in our Nation’s infrastructure.”

As part of this effort, the OE is developing the North American Energy Resilience Model, a comprehensive resilience modeling system for the North American energy sector and its associated infrastructure. The NAERM will enable the identification of threats to energy infrastructure and provide enhanced situational awareness to minimize the impact of threats while increasing system resilience.

Similarly, the OE is focused on mitigating threats against Defense Critical Electric Infrastructure to help assure the U.S. government’s ability to defend the country, empower military forces, and maintain essential civilian functions during crises. According to the OE, their team works across the government, industry, and the private sector to improve and prioritize information-sharing, collaboration, and investments.

Additionally, the OE is pursuing megawatt scale storage capable of supporting frequency regulation, ramping, and energy management for bulk and distribution power systems. The OE is also pursuing high-fidelity, low-cost sensing technology for predictive and correlation modeling for electricity. According to the OE, improved sensing technology will provide increased observability of electric infrastructure which will help to mitigate threats.

To learn more about the efforts various agencies are taking to address threats to critical infrastructure and how to get involved, CISA encourages critical infrastructure owners and operators to download the Critical Infrastructure Security and Resilience Month Toolkit and to visit CISA’s Critical Infrastructure Security and Resilience Month resource page throughout November for information and updates.

Rebecca Addison
Industrial Cyber Editor. Rebecca Addison is a former newspaper editor with a decade of experience in the media industry. During her career, she has interviewed world leaders and corporate CEOs, and covered topics ranging from blockchain and CBD to healthcare and education.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

New CGCYBER report warns of cybersecurity risks in marine environment due to network-connected OT systems
New CGCYBER report warns of cybersecurity risks in marine environment due to network-connected OT systems
Ukrainian CERT details malicious plan by Sandworm group to disrupt critical infrastructure facilities
Ukrainian CERT details malicious plan by Sandworm group to disrupt critical infrastructure facilities
Honeywell’s 2024 USB Threat Report reveals significant rise in malware frequency, highlighting growing concerns
Honeywell’s 2024 USB Threat Report reveals significant rise in malware frequency, highlighting growing concerns
Enhancing industrial cybersecurity by tackling threats, complying with regulations, boosting operational resilience
Enhancing industrial cybersecurity by tackling threats, complying with regulations, boosting operational resilience
MITRE plans to enhance cybersecurity in 2024 with ICS sub-techniques and multi-domain integration
MITRE plans to enhance cybersecurity in 2024 with ICS sub-techniques and multi-domain integration
New bill introduced to set up Water Risk and Resilience Organization to secure water systems from cyber threats
New bill introduced to set up Water Risk and Resilience Organization to secure water systems from cyber threats
Mandiant exposes APT44, Russia's Sandworm cyber sabotage unit, targeting global critical infrastructure
Mandiant exposes APT44, Russia’s Sandworm cyber sabotage unit, targeting global critical infrastructure
Industrial Cybersecurity Buyers’ Guide 2024 navigates complex industrial landscape
Industrial Cybersecurity Buyers’ Guide 2024 navigates complex industrial landscape
Claroty’s Team82 details cyber attack by Blackjack hackers on Moscow's emergency detection systems
Claroty’s Team82 details cyber attack by Blackjack hackers on Moscow’s emergency detection systems
Kaspersky ICS CERT reports on escalating consequences of cyber attacks on industrial organizations
Kaspersky ICS CERT reports on escalating consequences of cyber attacks on industrial organizations