Critical infrastructure includes a lot more than the obvious oil and gas companies, water systems, power systems, and transportation networks. According to the U.S. CISA, there are 16 critical infrastructure sectors that need to be protected in the public interest.
What happened recently?
Researchers from Qi'anxin Red Raindrops reported a cyberattack campaign, carried out by Russia-backed Fancy Bear group, that used fake NATO training course materials to target NATO members and other related government agencies.
A cybercriminal group posing as officials from the Texas Department of State Health Services sent out fake requests for quotes to vendors. The scammers even left a number that showed the Texas DSHS as the first result on the Google search page. The overall deal was worth hundreds of thousands of dollars.
What do the trends indicate?
A group of researchers from Temple University in Philadelphia conducted a year-long project named Critical Infrastructure Ransomware Attacks (CIRWA) and found that government facilities remained the top targets of cybercriminals in the past year. It is evidenced if we look at some of the recent attacks from the month of September:
In mid-September, we learned about a ransomware attack at the Development Bank of Seychelles. However, the technical details about the ransomware or whether attackers exfiltrated any data were not disclosed.
Three ransomware attacks were reported in the second week: NetWalker ransomware rattled K-Electric, the only electricity provider for Karachi (Pakistan); BancoEstado, one of Chile’s biggest banks, shut down all the branches following a ransomware attack (allegedly by the REvil/Sodinokibi group); Conti ransomware operators published several documents of the Fourth District Court of Louisiana on their leak site as proof of the attack.
At the beginning of this month, the NetWalker group targeted Dirección Nacional de Migracione, the Argentinian immigration agency, forcing it to take its systems offline for four hours. Hackers reportedly raised the stakes from $2 million to $4 million (~355 Bitcoins) after a week’s delay in payment.
A Dragos report earlier this year put in light how a growing number of threat groups has been specifically targeting electric utilities in North America.
Top threats faced by critical facilities
Every industry or sector has its own shortcoming and limitations. However, on a surface level, some of the top concerns include rising challenges due to the emergence of IoT devices, unpatched vulnerabilities or poor visibility of them, and irregularities in offering cyber awareness programs.
Closing lines
Most of the attacks during the COVID-19 period are deemed to be critical in nature. From organizations in healthcare and education to the utility sector and e-commerce firms, cyber adversaries have left no sector untouched.