How to Protect Critical Infrastructure From Cyber Attack
By implementing a zero-trust policy, doubling down on security fundamentals, segmenting your network and imposing robust physical security, you can help safeguard your organization against global threats.
The growing cybersecurity threat against U.S. businesses and critical infrastructure providers has reached a boiling point following a string of heavy economic sanctions imposed on Russia. The White House has urged critical infrastructure organizations to shore up their cyber defenses in preparation for potential retaliation.
Sadly, these entities aren’t strangers to this unwanted attention.
According to the FBI’s Internet Crime Complaint Center (IC3), ransomware hit at least 649 critical infrastructure organizations and targeted 14 of the 16 critical infrastructure sectors last year alone. And we saw the consequences, including:
- The water treatment plant in Oldsmar, Florida, where hackers attempted to poison the town’s water supply.
- The Colonial Pipeline, where a ransomware attack shut down operations.
- JBS, a leading beef supplier that paid an $11 million ransom to avoid greater disruptions after an attack forced the company to close meat plants throughout the U.S. and Australia.
These are merely three of the more publicized incidents, but the damage inflicted is just the start—unless organizations around the world take steps to safeguard against global threats. (Also read: How to Build Network Architecture That Facilitates Better IT Security)
Here are four cybersecurity best practices you should follow to shore up vulnerabilities and ensure you’re sufficiently protected.
1. Take a Zero-Trust Approach
Remember the “castle-and-moat” security model that gives everything inside your network the benefit of the doubt? Yeah, kiss those days goodbye. Just because something is already inside your network doesn’t mean it’s secure.
You need a zero-trust policy.
Assume all users, devices and software, both inside and outside your network, are insecure. Require strict and constant identity verification to access any resources within your network, and only grant access to those who need those resources to perform their job.
By maintaining strict access controls and providing least-privilege access, you ensure your most valuable assets are protected, limit potential data breaches and prevent insecure devices or software from giving hackers access to your company’s crown jewels.
2. Remember the Fundamentals
Many breaches occur not because hackers were able to pick the locks but because the doors were left wide open.
In other words, what might seem like the most basic security measures can go a long way to keeping attackers out.
Switch up the default login credentials on every device and schedule regular changes. Require employees to use strong passwords. Enforce multi-factor authentication (MFA). Encrypt your data at rest and in flight. Keep up with firmware updates and software patches.
Keep your employees informed of the latest cyber threats and vulnerabilities and have regular training sessions on the best cybersecurity practices and protocols. The more education you provide, the more prepared you’ll be.
3. Limit the Spread With Segmentation and Air-Gapped Backups
When you’re attacked, you want controls in place to keep ransomware from spreading and attackers from gaining a foothold into the rest of your systems. You can do this by segmenting your network and air gapping your backups.
The former isolates individual workloads within your network, protecting traffic traveling east-west within a data center, while the latter keeps your backups separate and secure even if ransomware begins spreading across your network.
4. Ensure Well-Rounded Physical Security
Not all elements of critical infrastructure sit within a secure data center. There are field offices and remote locations that have network access to critical infrastructure as well. (Also read: Making Networks More Secure in the Age of Cybersecurity.)
These locations should have the same physical security elements and policies as a secured and hardened data center.
Restrict and track physical access to facilities via badging and biometrics. Limit access for guests and visitors and use visitor logging with temporary badges (or even physical escorts). Maintain round-the-clock video monitoring and front desk and security personnel, have physical device security and install employee awareness training.
Conclusion: Stay Prepared and Alert
This past year showed us just how vulnerable organizations are to cyberthreats. So, you must be prepared and alert at all times.
Assess your current cybersecurity posture and implement these best practices where needed. That way, you can address any vulnerabilities and limit damage if you’re attacked in the future.