Immediately after the conflict between Russia and Ukraine broke out, and subsequently took the shape of a full-fledged war, there was a huge surge in cyberattacks from both sides, not just on each other but on global targets. Russian-sourced cyberattacks increased to over 800% within 2 days of the war, sources say. The Russia-sponsored attacks were not confined to establishments in Ukraine but also hit countries showing solidarity with the latter. In retaliation, Ukraine created what we know as an IT Army – a force of several hundred thousand volunteers who came together to launch a counter-offensive on Russia. Global intelligence agencies, CERTs, agencies involved in the security of cyber infrastructure, central banks, telecom regulators, energy producers and distributors, etc. are all on alert to avert any big crisis that can emerge from these attacks. The critical infrastructure sector has been perhaps the worst victim of these state-sponsored attacks.

A slightly different event took place about a week ago when the powerful Conti ransomware gang launched a massive cyberattack on the government of Costa Rica. The attack was so widespread and complex that the Costa Rican President Rodrigo Chaves had to declare a national emergency as it spread across various government bodies. The nefarious Conti ransomware gang published most of the 672 GB dump supposedly containing data belonging to the Costa Rican government agencies.

We’ve heard similar stories of nation-state and global ransomware attacks in the past. SolarWinds, Colonial Pipeline, Log4j and Kaseya were some of the many attacks aimed at both government and corporate organisations.

Here are some recent and very alarming data points for us to ponder upon: 

  • Cyberattacks on India’s critical infrastructure by hackers rose by a whopping 70 percent in Q4 of 2021, according to a report by cybersecurity company Trellix. 50 percent of adversarial advanced persistent threat actor activity has originated from Russian and Chinese backed groups like APT29.
  • The FBI’s annual Internet Crime Report, published recently, revealed that the top incidents reported to its Internet Crime Complaint Center (IC3) in the last year were ransomware, business email compromise (BEC) and the use of illegal cryptocurrency. Ransomware, among all, posed the biggest threat to the critical infrastructure sector, with over 649 complaints. Of the 16 critical infrastructure sectors, 14 sectors had at least one member that fell victim to a ransomware attack in 2021, the report said.
  • According to the civil society organisation Cyber Peace Foundation, about 360,000 attacks on Indian oil companies were detected by threat intelligence sensors deployed to analyse real-time cyberthreats between October 2021 and 12 April 2022.
  • A report by Palo Alto Networks suggests that there was a steep 218% increase in ransomware attacks on Indian organisations in 2021.

This brings us to the critical point: the growing threat of cyberattacks and security breaches to cyber-physical systems is capable of crippling nations and corporations, which raises the importance of critical infrastructure protection.

Critical Infrastructure Industries (CII) are vital for a nation and its citizens. Crippling them means a direct assault on national security, the economy and the healthcare system, and can paralyse power supply or halt telecom networks. The attack surface of the critical infrastructure sector has altered dramatically as a result of the pandemic, through both remote work support and the adoption of digital tech. This is very concerning. It also requires a focus on protecting the SCADA, OT and other similar industrial control systems deployed in the critical infrastructure sectors.

That’s perhaps the reason governments, across continents and geographies, are now paying attention to this growing menace and investing in cybersecurity. According to a Fact.MR report published last month, the global Critical Infrastructure Protection market is projected to grow at a CAGR of ~4% between 2022 and 2032. The market is expected to reach US$ 204.2 billion by the end of 2032.

Critical infrastructure sector companies will not only have to increasingly adopt cutting-edge technology and create new benchmarks but also have to work on the other two aspects, People and Processes, to strengthen their security posture.

DynamicCISO spoke to Mathieu Gorge, Founder & CEO of VigiTrust, an Integrated Risk Management SaaS service provider that helps organisations across sectors achieve, maintain and monitor compliance with a range of industry standards, on the important issue of “Cybersecurity Challenges for Critical Infrastructure Sector in the Volatile Geopolitical Scenario.”

The discussion focused on the following key areas: 

  • The book authored by Mathieu, “Cyber Elephant in the Boardroom: Cyber Accountability with the 5 Pillars of Security Framework”
  • Prevailing geopolitical situations, especially the Russia-Ukraine war and its impact on global cybersecurity
  • Methodology to protect the critical data assets in the wake of conflicts, rising digitisation and rapid transformation

Listen to this 30-minute audio podcast.   

By Rahul Mani

With nearly 22 years of experience in Tech B2B media, Rahul comes with a distinct approach for nurturing the CIO & CISO communities. He has worked with CIOs & CISOs from across sections of industries and has an in-depth understanding of their unique information needs. Rahul is one of the rare media entrepreneurs with a distinct ability to balance between totally diverse functions of editorial and business. Rahul has held leadership roles at IDG India and 9.9 Media before starting Grey Head Media.
