Globally, we live in a digital landscape full of cyber threats and vulnerabilities. We are headed to a future where both public and private sector security professionals must employ a highly collaborative and interconnected platform for critical infrastructure cybersecurity.
As the Department of Homeland Security (DHS) points out “securing critical infrastructure is a shared responsibility – shared by Federal, State, local, tribal, and territorial governments’; private companies; and individual citizens.” So, even at the macroeconomic level, cybersecurity is once again a shared responsibility in our everyday lives.
The Department of Homeland Security (DHS) currently works with many industry sectors, federal agencies, and private sector organizations to distribute information on emerging threats and vulnerabilities to critical infrastructure.
DHS dutifully monitors, analyzes, and responds to security incidents that impact core sectors of industry. These “sectors” are areas in which both public and private organizations provide vital “assets, services, systems, and networks” to the citizens of the United States. A cyber attack to any of these critical sectors could lead to disastrous effects on the security of the nation as well as public health and safety for United States citizens.
In 2013, the National Infrastructure Protection Plan (NIPP 2013: Partnering for Critical Infrastructure Security and Resilience) was created to outline how both public and private sector entities would work together to protect our critical infrastructure in the U.S.
Did you know there are 16 sectors where the United States government has set up critical infrastructure cybersecurity? Some do, but others do not realize the scope of the industries that critical infrastructure covers and how much we rely on each one. It’s critical that we have these programs to protect our critical infrastructure. We already have seen news about cyber attacks on these leading industries. These stories show us just how important it is to protect and preserve these sectors.
The Energy Services Sector
The U.S. energy sector powers the U.S. economy of the 21st century. Without a steady energy supply, the wellbeing and welfare of citizens are undermined, and the U.S. economy cannot work.
A cyber-attack in 2015 took out the energy grid in Ukraine for more than 225,000 people by using spear phishing emails. According to United States government officials, none of the industrial power grids can be connected to the Internet to prevent cyber-attacks from occurring. The only way that power grids would be disturbed is through a no-tech hacking or physical security breach.
However, some security firms are reporting that a certain hacking group called Dragonfly 2.0 targeted U.S. energy companies and successfully obtained access to the mappings for the industrial control systems that run the power grids from the business data records.
The Dams Sector
The Dams Sector supplies basic water maintenance and controls water services in the United States, including hydroelectric power, city and industrial water supplies, agricultural water systems, silt and surge control, stream route for inland mass transportation, modern waste administration, and recreation services.
In 2016, an Iranian nation-state committed a cyber-attack against the United States at the Rye Brook Dam in New York. The hackers accessed industrial control systems within the dam but were fortunately unable to release the water behind the dam due to scheduled maintenance. However, this could have been a disaster waiting to happen with just a few clicks.
The Financial Services Sector
The Financial Services Sector aims to protect our country’s most vital source of economic vitality. Wide-spread blackouts, recent natural disasters, and an increase in the number and advancement of cyber attacks show the extensive variety of potential dangers confronting this sector.
This is obviously one of the most attacked sectors within the United States. Cybercriminals attack the financial sector regularly using all types of threat actors for extortion and financial gain.
The most recent Equifax credit bureau breach with over 143 million records stolen is considered a critical infrastructure breach. This breach was so far reaching that it affected nearly half of the American population at 44% of the U.S. population.
The Nuclear Reactors, Materials, and Waste Sector
This sector includes the nuclear infrastructure and power reactors that provide electricity to millions of Americans as well as the medical isotopes used to treat cancer.
Nuclear power plants are a major concern for cyber attacks. Earlier this year, a United States nuclear facility’s business records were breached, but the critical infrastructure was not affected. Experts suggest that even though the hackers cannot access the critical infrastructure, they are still obtaining information which may be used later to hack back into the system for full control. It could lead to even more serious attacks.
The Food and Agriculture Sector
The Food and Agricultural sector is nearly completely privately owned and is comprised of an expected 2.1 million farms, 935,000 restaurants, and more than 200,000 enlisted food manufacturing, processing, and storage facilities. This division represents approximately one-fifth of the country’s economic activity.
Farmers and agricultural business owners are concerned about new vulnerabilities with farming equipment. The Food and Agricultural industry relies on more data now with connected devices, but that comes with a serious risk of new vulnerabilities. What’s more troubling is a Farm Bureau survey that stated that 87% of farmers do not have a response plan if a security breach occurred at a company holding their data.
The Water and Wastewater Systems Sector
Potable drinking water is essential for ensuring the general wellbeing for all humankind. Treated wastewater is indispensable for avoiding sickness. In this way, ensuring the supply of drinking water and the administration of wastewater treatment is essential to our Nation’s economy.
In 2016, hackers took control of US water authority company’s cellular routers for an extended period. They were able to rack up a big bill in usage – roughly from $300 per month to $45,000 in December and $53,000 in January. Water utility companies are expected to see even more attacks as new vulnerabilities surface from this industry.
The Healthcare and Public Health Sector
The Healthcare and Public Health Sector ensures health and safety for all United States citizens. The benefits from this sector are mostly private which requires a coordinated effort and data sharing between the general population and private divisions. It is a fundamental goal to expand and strengthen the country’s Healthcare and Public Health.
According to the Ponemon Institute on Breach Costs, the Healthcare industry is one of the most frequently breached industries in the world. This sector has an abundance of sensitive data and Personal Identifiable Information (PII) that can be exploited by hackers within healthcare organizations.
Many of these organization are taking a proactive approach to cybersecurity by creating tabletop security exercises, evaluating incident response plans, mandating a patch management program, and securing the IoT devices that are used by doctors and nurses throughout the healthcare facilities.
The Emergency Services Sector
The Emergency Services Sector (ESS) is a community of millions of highly-skilled, trained emergency personnel, along with the physical and cybersecurity resources, providing a wide range of preparedness and recovery services during both day-to-day operations and incident response.
The Transportation Systems Sector
The Department of Homeland Security and the Department of Transportation are assigned as the Co-Sector-Specific Agencies for the Transportation Systems Sector. The country’s transportation framework rapidly, securely, and safely moves individuals and products through the nation and abroad.
he Transportation Systems sector is seeing cyber attacks pick up as well. Most recently, the San Francisco light rail system became infected with malware viruses which took its systems offline. Our “smart” connected cities will increasingly become targets for cybercriminals.
The Chemical Sector
The Chemical Sector is an essential segment of the U.S. economy that produces, stores, uses and transports potentially hazardous chemicals. An extensive variety of other foundational sectors depend on this sector as well.
Surprisingly, the chemical industry is becoming a target for cyber attacks. A notable attack, ‘Nitro,’ occurred in 2011 whereby hackers used a malware called ‘PoisonIvy’ to steal sensitive data and information from several chemical companies throughout the U.S.
The Communications Sector
The Communications Sector is a fundamental part of the U.S. economy, and the hidden operations of all organizations, public safety associations, and government. Presidential Policy Directive 21 distinguishes the Communications Sector as critical since it gives an “enabling function” overall basic infrastructure sectors.
With the rise in mobile and tablet adoption as well as IoT, the communications sector is one of the biggest targets for cyber attacks. Fiber and switches that connect the networks that power these devices are often a target for attacks. The communications sector is the backbone for connectivity for everything we use including voice, data, Internet, and video.
The Information Technology Sector
This sector is key to the country’s security, economy, and general wellbeing as organizations, governments, the scholarly community, and private residents are progressively reliant upon Information Technology Sector capacities. These virtual and circulated capacities create and give equipment, programming, and data innovation frameworks and administrations, and—in a joint effort with the Communications Sector—the Internet.
he Defense Industrial Base Sector
The Defense Industrial Base Sector (DIB) is the overall modern complex that empowers innovative work and the upkeep of military weapons frameworks, subsystems, and segments or parts, to meet U.S. military requirements.
The DIB includes several key industries that are mostly privately owned including:
Hackers and nation-states continually target the DIB sector because of the highly confidential data and intellectual property that each area of the sector holds. Cyber espionage is quite common within this sector as state-sponsored threat actors, more commonly China, North Korea, Russia, and Iran use cyber warfare to steal sensitive data from these U.S. entities.
The Critical Manufacturing Sector
The Critical Manufacturing Sector is vital to a thriving United States economy. An immediate cyber-attack on or disturbance of specific components of the manufacturing sector could upset fundamental capacities at the national level and other basic sector areas. This sector includes manufacturers of metals, machinery, automotive and transportation equipment and electrical equipment producers.
For critical manufacturing, cyber attacks nearly doubled by September 2016, according to the U.S. DHS. Much like the DIB sector, cybercriminals attempt to steal sensitive intellectual property and data to sell for profit. Automotive manufacturers are one of the top targets for cybercriminals in the manufacturing industry, accounting for almost 30% of cyber attacks to manufacturing in 2015.
The Government Facilities Sector
This sector incorporates a wide array of buildings, situated in the United States and abroad, that are owned or rented by elected, state, neighborhood, and tribal governments. Numerous administration offices are interested in people in general for business exercises, business exchanges, or recreational exercises while others that are not open to the general population contain exceedingly delicate data, materials, procedures, and hardware.
.S. government facilities can often be a target for cybercriminals. In 2011, two research labs, Pacific Northwest Laboratory (PNNL) and Thomas Jefferson National Laboratory in Newport News, Virginia were victims of a cyber attacks. The attacks eventually caused these labs to shut down all internet access and website access for a couple days.
The Commercial Facilities Sector
The Commercial Facilities Sector incorporates many different organizations that attract individuals for shopping, business, entertainment, or hospitality. Most of these organizations are privately owned, with minimal interference from government or other regulatory bodies.
This sector is where we most commonly hear about cyber attacks in the news from private entities. Small to large corporations are becoming a victim of data breaches, malware attacks, and phishing schemes.
Why We Need Critical Infrastructure Cybersecurity?
Our Nation depends on the resilience of implementing critical infrastructure cybersecurity. Evolving threats will continue to inspire a collective effort among both private and public-sector partners. User awareness and training is the cornerstone critical infrastructure cybersecurity. Users must learn about the security best practices to ensure the resiliency of our critical infrastructure in the future.
There are several security strategies to prevent cyber attacks for these 16 critical infrastructure sectors. The recommendations include proper configuration and patch management, reducing the attack surface areas, application whitelisting, building a layered network, appropriately managing authentication, implementing secure remote access for users, actively monitoring for attack penetration and executing a prepared response.