
End-of-Life IoT/OT Devices Can Cause Real-World Harm in U.S. Infrastructure

February 19, 2024

FBI Director Chris Wray warned the U.S. of an attempted cyberattack by state-backed Chinese attackers. U.S. officials disrupted the attack, which attempted to install malware that could be used to harm civilian infrastructure. According to the FBI, Beijing is gearing up to disrupt the daily lives of Americans if the United States and China ever go to war.

Shortly before FBI Director Chris Wray spoke to members of the House of Representatives, an operation was announced to destroy a botnet consisting of hundreds of home and small office routers in the United States, owned by individuals and businesses, that had been taken over by Chinese hackers who were using them to hide their tracks while spreading malware. Water treatment facilities, the electrical grid, and the country's transportation networks were among their final targets.

Jen Easterly, the director of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, expressed a similar sentiment. She said, “This is a world where a major crisis halfway across the planet could well endanger the lives of Americans here at home through the disruption of our pipelines, the severing of our telecommunications, the pollution of our water facilities, the crippling of our transportation modes.” Cyber attackers can cause societal chaos and panic by attacking these critical infrastructure systems, wreaking havoc and crippling the state’s ability to face the attack.

How are Cyber Actors Achieving This? 

There are several security flaws in the critical infrastructure technology and the attackers are simply taking advantage of them. Jen Easterly said, “We’ve made it easy on them.”

Legacy systems and end-of-life devices have vulnerabilities that attackers can easily exploit. Their outdated software, lack of security features, and limited vendor support are just a few reasons cyberattacks occur without much effort. Attackers exploit these vulnerabilities in OT systems to gain unauthorized access, disrupt operations, or manipulate critical processes. 

Cybersecurity experts referred to Wray's warning as "an urgent call to action." They warned that turning a blind eye to the risks inside U.S. critical infrastructure is nothing but negligence. Experts in the field have also stated that several software providers prioritize convenience over security and fail to understand the dire consequences of this approach.

How Can We Protect Critical Infrastructure?

One of the best ways to protect legacy systems is to implement a proactive monitoring approach. Devices and networks need 24/7 monitoring to detect any anomalies and instantly block potential tampering. This helps prevent zero-day attacks and secures your OT devices before an attack occurs. MicroIDS fingerprints each device's unique behavior within the network, establishing a common baseline, and any deviation from that behavior triggers an automatic response for instant remediation.

Another major challenge of securing critical infrastructure is the interconnectedness of devices and networks. A compromise in one part of the infrastructure can potentially lead to broader systemic vulnerabilities because of lateral and horizontal movement within OT devices and networks. Therefore, it is crucial to incorporate a system that allows continuous monitoring to detect and stop anomalies.   

Source: https://apnews.com/article/fbi-china-espionage-hacking-db23dd96cfd825e4988852a34a99d4ea
