There is no shortage of news about attacks on critical infrastructure systems, be they water facilities, financial systems or electrical grids, and those operations have been going on for years now. But in the last couple of years there has been a change in both the sophistication of those operations and the nature of the attacks. While some attackers in the past may have been interested in stealing some data, now there are groups looking to cause service interruptions or complete shutdowns of key services.
For the teams dedicated to protecting the networks that run critical infrastructure components, the difficulty of responding to these attacks is being compounded by the nature of the threats and the barriers to gathering and sharing key information on emerging threats. An attacker interested in taking down a utility doesn’t need to be a state-sponsored professional or a government agent. He could be anyone from anywhere
“I think our real concern is the third tier, the disassociated hacktivists and terrorists. There’s probably very little reason for a nation state to carry out those attacks unless they’re willing to risk war, because that’s what it would come down to,” said Jim Jaeger, vice president of cybersecurity services at General Dynamics Fidelis Cybersecurity Solutions, speaking on a panel at the Kaspersky Lab Cybersecurity Forum here.