Intelligent CIO Europe Issue 77 | Page 35

TALKING BUSINESS

Please share an example of a cyberattack against critical infrastructure and what repercussions it has on the broader cybersecurity discourse.
Daniele Mancini, EMEA Field CISO, Fortinet
APTs have continued to evolve with increased sophistication. Their targets have widened to include sectors such as energy, water treatment facilities and transportation systems. These threats often leverage social engineering, spear-phishing and exploit vulnerabilities in software and hardware to gain access to target networks, where they can remain undetected for extended periods.
An example of an APT that has recently focused on critical infrastructure is the operation of the APT group known as ‘Red Stinger’. Since December 2020, this previously unidentified APT actor has been associated with assaults that specifically target critical infrastructure, transportation and military establishments in Eastern Europe.
The group’s deliberate focus on numerous entities, including those engaged in the September East Ukraine referendums, suggests that their actions were driven by geopolitical considerations. Red Stinger was able to extract various types of data from their targets, including microphone recordings, USB drives, keyboard strokes and snapshots, across various campaigns. The diverse assortment of exfiltrated data indicates the execution of a thorough surveillance operation with the intention of amassing sensitive information.
Red Stinger highlights the changing threat picture for critical infrastructure, with long-term espionage by APT organisations such as this using advanced tools and strategies to enter and stay undetected in their target networks. The emergence of these APT groups demonstrates the necessity for strong cybersecurity, ongoing monitoring and international collaboration to safeguard vital infrastructure from skilled attackers.
Critical infrastructure sectors constantly face multifaceted risks from regulatory, strategic and operational dimensions. How do these challenges intertwine and how can organisations address them effectively?
Undoubtedly, these sectors are beset by strategic, operational and regulatory obstacles that interconnect and could affect their capacity to safeguard assets from cyberthreats. Understanding the interrelationships among these challenges is the first step in tackling them.
At the regulatory level, they are faced with an extensive array of cybersecurity laws, standards and guidelines. These regulations can vary across sectors and jurisdictions, thereby presenting complexities. Organisations need to dedicate resources, not only to ensure that they are compliant but also to keep up with future regulatory changes that could cause substantial modifications to their current systems and procedures.
At the strategic level, organisations need to dedicate long-term planning resources to overcome these challenges. They must develop cybersecurity strategies that are resilient enough to recover from attacks and robust enough to adapt to the ever-changing threat landscape. This entails mapping out all vital assets, evaluating potential risks and prioritising security initiatives.
At the operational level, the challenge is to maintain the day-to-day security of the infrastructure or plant. This includes having an overview of supply chain security and the management of internal network complexity, while working to overcome any cybersecurity skills deficiency. In addition, organisations need to find ways to strike a balance between security measures, operational efficiencies and availability.
How can organisations navigate and stay compliant amidst the evolving regulatory frameworks influencing critical infrastructure cybersecurity?
To operate in sectors involving critical infrastructure, organisations must effectively navigate and comply with regulations and cybersecurity standards. The recent creation of the NIS2 Directive and the Cyber Resilience Act (CRA) in the European Union are some examples of how dynamic the regulatory landscape can be.
Here are seven approaches organisations can adopt to navigate and stay compliant with these frameworks:
1. Develop a compliance roadmap: Perform regular risk assessments to ensure that organisational practices are in accordance with the stipulations of NIS2. Also, develop a strategic plan encompassing a vulnerability management process, incident response plans and cybersecurity policies.
2. Implement and maintain compliance measures: Adopt a security by design approach as mandated by the NIS2 and incorporate security