According to the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), cyber-attacks against critical infrastructure in the United States have doubled, with most of these attacks originating from outside the country. These attacks are often motivated by a desire to gain a competitive edge on the global stage or by the immense profitability associated with compromising systems vital to public safety. While data security is often the primary focus of IT environments, resiliency in operational technology (OT) environments relies on safety and reliability.
The Colonial Pipeline attack highlighted the increasingly blurred line between IT and OT systems. The ransomware compromised data, locked computers, and restricted access to billing systems within the corporate IT infrastructure. Colonial nevertheless had to shut down OT operations, because the attack paralyzed a critical IT component that the OT systems relied on to function properly; the OT shutdown was an indirect consequence. Shutdowns of critical infrastructure can have far-reaching consequences for entire industries, emphasizing the need for improved preparedness measures up front.
One way to protect critical functions is by adopting cyber-informed engineering (CIE) and consequence-driven, cyber-informed engineering (CCE). CIE and CCE ensure that even in the face of an attack, the core operations of the company continue to function. Unfortunately, the Colonial Pipeline attack demonstrated the opposite scenario, where the primary pipelines were shut down, leaving only a few tributaries operational. Critical infrastructure systems need to incorporate additional monitoring measures that complement CIE to ensure the security of their systems, enabling them to learn from past mistakes like the Colonial Pipeline hack and prevent their recurrence.
In conclusion, the
Key points:
– The Colonial Pipeline hack highlighted the complexity of attacks on critical infrastructure and the need for improved protection of crucial systems from threat actors.
– Cyber-attacks against critical infrastructure in the United States have doubled, with most of these attacks originating from outside the country.
– The blurred line between IT and OT systems underscores the need for improved preparedness measures up front.
– Cyber-informed engineering (CIE) and consequence-driven, cyber-informed engineering (CCE) can help protect critical functions and ensure that core operations continue to function even in the face of an attack.
– Critical infrastructure systems must incorporate additional monitoring measures that complement CIE to prevent future attacks.