Experts at GISEC Global 2024 provide insights into the current conditions surrounding critical infrastructure cybersecurity – and how to prevent the attacks
According to a survey conducted by Allianz Risk Barometer, which analyzed top cybersecurity risks around the world, critical infrastructure cybersecurity emerged as the second-highest concern among 1,112 global respondents.
Paired with the turbulence of current geopolitical events and an ever-deepening reliance on digital devices, respondents believe that the potential shutdown of critical infrastructure is expected to become the number-one priority for businesses in the future.
Defined as ‘systems and assets, whether physical or virtual, that are so vital to a nation that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters,’ critical infrastructure cybersecurity plays a key role in upholding societal function.
GISEC Global 2024, the Middle East’s biggest nexus for the international cybersecurity community, will be held from 23-25 April at Dubai World Trade Centre and will welcome leading industry experts to the stage to discuss the importance of critical infrastructure cybersecurity, the biggest vulnerabilities apparent in systems, and how organisations can better equip themselves for a cybersecure future.
Vulnerabilities persist across critical infrastructure sectors:
Within the international cybersecurity community, it is widely understood that the most targeted critical infrastructure sectors often include utility sectors, such as energy and telecommunications, as well as healthcare, finance, transportation, and government services.
According to Dimitri van Zantvliet, Cybersecurity Director and CISO of Dutch Railways, will be speaking at GISEC’s Critical Infrastructure Cybersecurity Stage
According to van Zantvliet, the most targeted critical infrastructure sectors by cybercriminals are typically those that provide essential services and have high dependencies on digital technologies.
“For organisations in these sectors, legacy systems and interconnectivity are vulnerabilities that should be of particular concern,” he said. “Many critical infrastructures rely on legacy systems that may not have been designed with current cyber threats in mind, and the increasing interconnectivity between different systems can create vulnerabilities, as a breach in one system can lead to a cascade of failures across others.”
Dependence on third-part vendors, a lack of cybersecurity training, inefficient physical security measures, and insider threats also play a role in weakening critical infrastructure systems.
Transportation and energy sectors emerge as popular targets:
For van Zantvliet, working in the transportation sector provides a unique set of challenges. The industry has proven to be an especially attractive target for cybercriminals, largely due to its criticality for the functioning of society, with disruptions having the potential to cause widespread repercussions for individuals, businesses, supply chains, and government operations.
The data-richness, high visibility, and interconnectivity of transportation services around the world also contribute to the motivations of various threat actors.
“Given these factors, it is crucial for transportation sector entities to prioritise cybersecurity,” said van Zantvliet. “This involves not only protecting IT infrastructure but also operational technology (OT) systems, which are often used to control physical transport mechanisms and are increasingly targeted by cyber criminals. The integration of IT and OT systems, while beneficial for operational efficiency, also presents additional challenges as the two systems may have different security systems and vulnerabilities.”
Mihir Joshi, Group Chief Cyber Security and Information Officer at Tata Power – India’s largest integrated power company – will be speaking at GISEC’s Critical Infrastructure cybersecurity Stage. He has faced similar challenges in the energy sector, and based on his experience, the supply chain and its major blind spots are a primary concern.
“As of late, the energy sector has seen a considerable rise in cybersecurity attacks,” he said. “There is a tremendous need to develop more cyber talent to keep pace with rapidly escalating threats. The sector’s continued acquisitions and growing complexities have increased the attack surface to the point where a unified approach to OT security is becoming difficult. We have a long way to go with implementing basic approaches before we can find an advanced solution, and we will only achieve this through public-private relationships that share threat intelligence and mitigation strategies.”
The impact of ransomware, social engineering, and botnets:
Perhaps two of the biggest – and fastest-evolving – threats affecting all categories of critical infrastructure are ransomware and social engineering.
For Pedro Cameirão, the Vice President and head of Nokia’s Cyber Defense Center (CDC), ransomware remains a significant concern, particularly due to its potential to cause widespread disruption and financial damage.
“In the current geopolitical context, ransomware attacks remain a huge concern for both companies and governments. Ransomware ‘detonation’ will always create noticeable service disruptions and impact on the victims’ systems,” he said.
Threats like these are often compounded by the rise of AI-enabled phishing campaigns, which leverage machine learning to craft more convincing fake messages and websites that are harder for users to detect.
“Social engineering continues to be a prevalent attack vector, but not the only tactic employed to deceive employees,” Cameirão said. “One must note that as cybersecurity awareness matures, attackers keep adapting their phishing approach. For example, vishing [voice phishing] and QRLjacking have increased in 2024 to circumvent growing phishing awareness and other protections deployed in email systems.”
Malicious botnets and Distributed Denial of Service (DDoS) attacks are also gaining momentum, as seen in the groundbreaking attack reported by Cloudfare in 2023, which peaked at an astonishing 71 million requests per second – a 54 per cent increase from 2022’s record. The attack originated from a network of over 30,000 IP addresses in a stunning display of unprecedented scale and coordination.
“Botnets harness the collective power of compromised devices to launch disruptive attacks. Ensuring these devices are not co-opted into botnets involves a commitment to rigorous security practices. As the number of IoT devices grows, the responsibility to maintain their security must be a top priority to prevent their abuse,” van Zantvliet said.
Joshi also cites their capacity to endanger human lives, with a DDoS attack carrying the potential to shut down the entire grid, resulting in disruptions to critical industries such as hospitals and causing interruptions to vital life-giving measures such as ventilators.
Government intervention is paramount to achieving cybersecurity:
Despite the challenges facing critical infrastructure around the world, there are still steps that can be taken to mitigate the evolution of attacks from cybercriminals – most notably, government intervention.
“Governments have a critical role in bolstering cybersecurity for critical infrastructure sectors, often providing the impetus for organisations that may lack intrinsic motivation due to financial constraints,” van Zantvliet said.
“Effective government strategies include setting regulatory standards, facilitating information sharing, and providing financial incentives or support for implementing robust cybersecurity measures.”
Cameirão agreed, emphasising the need for enforced regulations and greater collaboration between public and private sectors on a global scale, adding: “International cooperation is essential, as most cyberattacks and crimes are executed across country borders and outside the jurisdiction of a single state.”
To learn more about GISEC Global 2024, visit: www.gisec.ae