News, news analysis, and commentary on the latest trends in cybersecurity technology.
In this Tech Talk, Darktrace's David Masson and Dark Reading's Terry Sweeney discuss the rise of destructive attacks against critical infrastructure.
For years government regulators and security experts have been sounding the alarm about attacks that could cripple critical infrastructure — the assets and systems that support the functioning of a modern society and economy — but it took the attack against Colonial Pipeline for people to really pay attention, says David Masson, director of enterprise security with Darktrace.
That ransomware attack showed people firsthand how a cyber threat actually stopped gas from coming out of the pump, says Masson in this Tech Talk conversation with Dark Reading's Terry Sweeney. It doesn't even matter that the attackers behind Colonial Pipeline likely did not intend that outcome.
Since then, several other critical infrastructure organizations have been hit by ransomware and other attacks. There is also a worrisome trend toward more destructive attacks, Masson said. As an example, he points to the Russians trying to take down the telecommunications network in Ukraine to disrupt communications within the country. When their attempts failed, the Russians shot missiles directly at the cell towers and destroyed them, Masson notes.
About 85% of critical national infrastructure is under private control in North America, Masson says, which makes regulating critical infrastructure a bit of a challenge. The shift to public-private partnership, where infrastructure operators share threat information and intelligence with government agencies, is essential to understand the scale of the threat, he says.
President Dwight D. Eisenhower famously said that plans are worthless, but planning is indispensable. That mindset should drive security preparations: Deploy technology that gives visibility into the network, train people to recognize attacks, and maintain good backups so you can rebuild the infrastructure when needed.
"Start practicing and get ready so you don't end up being a rabbit stuck in the headlights," Masson says.
About the Author(s)
You May Also Like
Defending Against Today's Threat Landscape with MDR
April 18, 2024The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024