Cyberattacks on critical infrastructure pose a growing threat to the American people, but federal agencies have a unique opportunity to leverage partnerships and strengthen cyber defenses for a more resilient future.
Cyberattacks targeting critical infrastructure, such as water and wastewater systems, energy grids, transportation networks, and communication systems, have increased over the past few years and have the potential to disrupt the lives of the American people. According to Microsoft, the number of cyberattacks targeting critical infrastructure systems doubled to 40% of all attacks. These attacks exploit vulnerabilities in the interconnected systems underpinning essential services.
Securing critical infrastructure from cyberattacks requires more than defending critical infrastructure assets; it also requires understanding and shaping the incentives of all stakeholders. If we can harness positive incentives toward collaboration and social connection, then we can establish a more resilient critical infrastructure available to citizens when they need it most.
Teamwork Makes the Dream Work
Protecting critical infrastructure and essential resources is a collective effort, with various stakeholders playing vital roles. For example, the private sector owns more than 80% of the nation’s energy critical infrastructure.
Aware of this arrangement and its potential impact, the Cybersecurity and Infrastructure Security Agency (CISA) classified U.S. critical infrastructure into 16 sectors ranging from food and agriculture to financial services and information technology (IT). CISA’s role in protecting against threats and creating a more resilient infrastructure includes several complexities:
Protection is a continuous effort requiring collaboration among government agencies, owner-operators, and industry partners.
Critical infrastructure presents a large cyberattack surface, yet only 25% of those organizations have implemented 24/7 security monitoring of IT and 81% expressed worry about the dangers of cyberattacks on U.S. facilities.
The attack surface also extends to the supply chain where attackers often look for entry points. According to John Mandell, Managing Director at Maximus responsible for the National Security Practice, it is also important to address the origin and the ripple effect of a cyberattack.
“It’s no longer just about securing the critical infrastructure, it’s also essential to secure your connections to suppliers and to have plans in place that address a breach,” Mandell said. “Understanding the blind spots leads to building resilience into the ecosystem and minimizing the disruption to operations and the impact on users.”
Threats to Industrial Control Systems
Industrial Control Systems (ICS) power many functions of critical infrastructure facilities. They automate and manage essential processes to enhance operational efficiency, but at a cost: Their integration with digital technologies has exposed them to an array of cyber threats. These systems were not designed with cyber threats in mind, so they often lack adequate protections and protocols. CISA reported 670 vulnerabilities in ICS systems this year and the number of cyberattacks targeting physical systems will increase as bad cyber actors adjust tactics to take advantage of multiple touchpoints between ICS and IT systems.
One example of threat evolution is the rise of ransomware attacks in which threat actors gain control of systems, then encrypt data or disrupt operations until a ransom is paid. The Colonial Pipeline attack in 2021, for example, led to a temporary shutdown of a large fuel pipeline in the United States, causing fuel shortages.
To safeguard critical infrastructure, industrial organizations should prioritize cybersecurity and invest in robust protective measures, including regular security audits, timely updates, employee training, and proactive threat detection and response mechanisms.
“Critical infrastructure providers need the same level of cyber protection as our government agencies with a zero trust architecture, monitoring, and remediation processes,” Mandell said.
How to Fortify Critical Infrastructure Against Cyberattacks
When cyberattacks happen, we quickly realize the personal impact they have on our lives. Both public and private sectors can remain vigilant by routinely scanning networks, hunting for cyber threats, and engaging in data protection measures under a zero trust architecture.
To address this challenge, Maximus, a leading cybersecurity solutions provider, has emerged as a reliable partner for government agencies seeking to protect their critical infrastructure from cyber threats. Maximus supported the establishment of the first DHS Cybersecurity Service Provider Center of Excellence, and its industry best practices offer federal agencies a clear path forward to improve cyber defenses for critical infrastructure.
“At Maximus, we play a critical role for our DHS customers and other federal customers by solving both the business and the technical challenges of cybersecurity. We serve as an advisor in establishing and optimizing policies, programs, and communications to prevent cybersecurity breaches. We also deploy technology to support vulnerability assessments, threat detection and intelligence, digital forensics, and incident response,” Mandell said.
Having these capabilities on hand means DHS can share cyber risk information with infrastructure providers and other agencies. Continuous collaboration between government and industry brings together the most current technology and cyber expertise needed to address cyber threats.
As cyber threats continue to evolve, partnerships between DHS and industry participants such as Maximus remain essential to a strong cybersecurity strategy and building a more resilient future.