DailyPost 2158
CRITICAL INFRSTRUCTURE UNDER ATTACK
Critical infrastructure has always been the target of the enemy, from Pearl Harbour and earlier to the current Russia – Ukraine War. The debilitating impact of the attack on critical infra is known to all and thus gets a major share of the thought process on military strategy. From a nation state defined and declared war, we have moved on to a stage where critical infra can be attacked at any point in time. As cyber war is an ongoing was of attrition, in the same manner cyber attack on critical infra is an ongoing process depending on the exigencies of the day and the tech capability to hack.
Hacking of the nature we are talking about demands extreme levels of hard work, strategy and precision besides the technical skills to do the same. Present day wars are complimented and supplemented by an undeclared cyber war. Either way, critical infra is under attack by the hackers for quite some time, more so of the ransomware nature, but we still keep wishing it away. That does not happen. We will be forced to face it. We already have any number of examples of ransom being paid. This can only be called as an act of desperation.
We are not able to prevent and we are not able to investigate and detect. If some success happens in investigation, you will still not be able to nab the culprit. So, securing critical infra should be priority before it is too late. Recently, a ransomware gang infiltrated a water company, and critical infra companies need to take lessons from it. If we fail doing it, for sure the consequences would be catastrophic. The recent attack on South Staffordshire Water, which provides drinking water to 1.6 million people was hit by what is called as a criminal cyber-attack. Clop ransomware group which attacked the facility claim that they don’t attack critical infra, but they stole over 5TB of data and attempted to extort a ransom payment for not releasing it.
What if the cyber criminals would have managed to encrypt the network and control water supplies? If they were able to change the chemical balance of water? In Florida last year an unidentified hacker was able to hamper with chemical levels in the water supply to the extent that it would’ve been poisonous to drink. What a crazy experiment? Colonial Pipelines hack and its repercussions we are already aware of. These are old networks, with age old operating systems, unable to receive updates, make them prime targets. Today, these networks are increasingly connected to Internet of Things devices and sensors, which make them more vulnerable. Do we even think of a dispassionate cyber audit and capital ingestion to improve the cyber security stance? The state actors have added a new dimension.
ALL CRITICAL INFRA NEEDS TO TAKE A CYBER SECURITY CALL.
Sanjay Sahay