Analyzing Major Attacks in 2022: Lessons Learned from Critical Infrastructure Risks
While organizations’ awareness of critical infrastructure risks is on the rise, the knowledge seemingly hasn’t affected how cybersecurity management is handled.
However, with the introduction of the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), that should change. The United States government is actively encouraging organizations to report unusual cyber activity so that it can rapidly deploy resources when attacks occur.
Attacks on Power Grids At an All-Time High
With more reporting on critical infrastructure cyberattacks, we’re learning more about vulnerabilities and where cybercriminals are targeting their attacks. The energy sector was a clear target in 2022. As Politico reported, “people are shooting, sabotaging and vandalizing electrical equipment in the U.S. at a pace unseen in at least a decade, amid signs that domestic extremists hope to use blackouts to sow unrest.”
Dangers to critical infrastructure like electrical grids may traditionally be thought of as a cybersecurity threat, but as reported, citizens are getting creative with their threats to critical infrastructure.
Supposedly, the grid should be able to sustain some damage, with parts of a network picking up the slack when other parts are unavailable. However, that resilience only goes so far. Realistically, when nodes or endpoints dependent on a hub become disconnected, there can be cascading effects that cause the entire network to break down.
That’s why backing up data and maintaining cloud infrastructure is crucial now more than ever.
The Geopolitical Quotient
According to Microsoft’s 2022 Digital Defense Report, cyberattacks aimed at critical infrastructure worldwide were up to 40% of all nation-state attacks. This was largely due to Russian hackers targeting Ukrainian infrastructure and Ukrainian allies in the ongoing war.
Russia also sought to disrupt information technology companies, both to cause damage to governments and to gain sensitive information. They operated primarily in North Atlantic Treaty Organization (NATO) states in response to increased sanctions and general support of the Ukrainian side of the war.
Other geopolitical players followed suit in line with the Ukraine-Russia war. Increased espionage activities were seen coming from China, Iran, and North Korea. These attacks were primarily focused on financial cybercrime.
Attacks on international currencies, national banks, and financial institutions are constantly increasing. And when you throw some cryptocurrency criminals into the mix, you know you’ve got some chaos on your hands.
Conti in Costa Rica
In 2022, Costa Rica hosted some of the world's baddest cybercriminals. The group Conti outdid itself with its ransomware-as-a-service (RaaS). The small Central American state had to declare a national emergency following an attack from the group, which has since disappeared.
CISA also detected ransomware coming out of Iran in September 2022, which affected a local government and an aerospace company, although it did not disclose more information. Similarly, a United States Civilian Executive Branch organization was breached and affected by crypto mining malware.
Protecting Critical Infrastructure
Compuquip has over forty years of experience keeping up with the latest critical infrastructure cybersecurity challenges. We can help your organization develop an IT infrastructure framework that can resist the toughest hacks, whether they are on or off the grid. Either way, we can equip you with solutions to respond to threats effectively and quickly. And we know with today’s cyber landscape, having a dedicated team to keep you and your data safe is critical. Contact us now to protect YOUR infrastructure.