Critical infrastructure IoT security: Going back to basics
We are witnessing numerous and damaging attacks on critical infrastructure lately. What is the main cause that makes them susceptible to these attacks?
Over recent years, attacks on critical infrastructure have grown from moderate risk to major headline-grabbing news and attackers’ capabilities have also continued to develop.
Criminal organizations and nation state threat actors have continued to ramp up attacks on critical infrastructure entities, with major attacks on the Colonial Pipeline, SolarWinds, and the California and Florida water systems to name a few.
The critical infrastructure sector is vital to the successful functioning of modern society and economies. Whether it’s electricity generation, oil and gas, telecom or water, the services these organizations provide are essential to everyday life, and for businesses to operate effectively.
Due to the vital role these organizations play, they are attractive targets for threat actors wanting to cause serious disruption through cyberattacks. Motivation for doing so varies from hacktivists with political motivations, hostile nation-states wanting to cause economic damage or criminals seeking to extort money.
Traditionally, critical infrastructure lags behind in its investments in cybersecurity or cybersecurity is not seen as a core business priority. When you combine an easy target with high impact to the business and their customers, and the means to pay, you’ve got the prime target for a cyberattack.