Organizations around the world must remain vigilant against the possibility of widespread cyberattacks as the conflict in Ukraine continues. In addition, the fact that some governments and companies actively declare their support for Ukraine or Russia or take actions that may affect them, may make them the target of possible cyber attacks. In this context, and bearing in mind what other attacks on critical infrastructure have been, governments should review the defense systems of critical sectors, since the consequences of a cyber attack on essential infrastructure for the population can have significant consequences.
WHAT IS THE CRITICAL INFRASTRUCTURE OF A COUNTRY?
Critical infrastructure of a country is defined as the systems, both digital and physical, that provide essential services for society and that, if impacted by a cyberattack, could have a serious impact that affects security, economy, politics, energy, health, communications or transportation, among others.
The health sector, for example, has been a recurring target of attack in recent years. When hospitals or organizations in this sector were attacked during the pandemic, such as the Conti ransomware attack on Ireland's public health system, among many other attacks on health, many of these organizations saw their ability to provide adequate care undermined. Care for their patients, and it took weeks or months in some cases to get their technology infrastructure fully operational again. In fact, according to a survey conducted by the Ponemon Institute, more than 35% of participants said they witnessed an increase in complications from medical procedures as a result of a ransomware attack, and more than 70% said delays in test results and medical procedures led to complications for patients who needed this information.
The current situation in Ukraine leads many organizations and countries to remain alert to the risk of an increase in cyberattacks on other countries and highlights the problem of the security of government environments and their critical infrastructure.
Ukraine, regardless of the latest attacks and the current conflict situation, is a country that has some experience dealing with attacks on critical sectors, since in recent years it has been one of the main focuses for this type of attack.But it is also important to remember that in a country there are not only critical industrial infrastructures, but also those rooted in the production of digital services that are vital for the country's population (critical digital infrastructures).
For example, with the At the start of Russia's attacks on Ukraine, in the first days of March, our experts discovered a new threat called HermeticWizard, which aimed to erase all information from hundreds of computers belonging to Ukrainian entities.
There is a great diversity of critical infrastructure in a country. Talking about a critical financial system is not the same as talking about a critical system that acts on an industrial system (chemical plants, energy sectors, among others). However, what we can mention in general terms are the types of computer threats used to affect these critical systems. In general terms, we can divide them into:
-APTWorms (worms)
-BotnetsDDoS attacks
-Trojan Exploits
-Zero Day
-Phishing
Unfortunately, not all countries have cybersecurity plans to support their criticalinfrastructure. That is why it is important that companies, as well asgovernments, begin to implement solutions and plans that reduce the risks oftheir critical infrastructures. To do this, together with our group of cybersecurity experts, we share a series of tips tominimize risks of critical sectors:
· Implement not only ThreatIntelligence solutions, but also implement more proactive solutions, such asThreat Hunting, to avoid falling into attacks that have not yet been detected.
· Design clear and objective incidentresponse plans.
· Implement the Zero Trust model andlayered security.
· Develop training plans for employeeson information security.