Protecting Critical Infrastructure Amid the Ukraine Crisis
The rapidly evolving conflict in Ukraine heightens the cybersecurity risks emanating from Russia, making threat detection and response an even more urgent priority for critical infrastructure entities.
The FBI has warned businesses to watch for potential attacks as retaliatory cyberattacks are likely to follow global sanctions against the Russian government.
Bill Moore, Xona's founder and CEO, spoke with us about key emerging best practices that critical infrastructure entities can deploy to enhance their defense.
Channel Futures: Are critical infrastructure entities highly sought after by attackers associated with the conflict in Ukraine? Are they therefore more at risk?
Bill Moore: All of the largest companies or entities in the world have critical infrastructure. Manufacturers and energy companies have plants with critical operational technology (OT). Transportation companies, including maritime and rail, utilize industrial controls. Even financial institutions utilize data centers that rely on temperature-controlled environments, which rely on industrial-controlled HVACs and fire suppression systems.
Attackers that are focused on the financial aspect are looking for vulnerable critical systems where the organization can be held hostage through ransomware. They are looking for low-hanging fruit, which can be IT or OT systems. Nation-states, or attackers associated with the Ukraine conflict, employ advanced methodologies that automatically heighten risk to every organization and its critical infrastructure.
CF: Are most critical infrastructure entities not prepared for the types of attacks happening and that will be happening in the days ahead? If so, how?
BM: Most of these entities have critical infrastructure entities that are very vulnerable to even garden-variety phishing/malware. Recent successful attacks on a Florida water treatment plant, Colonial Pipeline and Toyota manufacturing plants illustrate the problem.
CF: How quickly can critical infrastructure entities enhance their cyber defenses? Do they need to act as quickly as possible?
BM: Fortunately, critical infrastructure entities can enhance their cyber defenses with a simple and secure OT access control solution that protects and isolates access to vulnerable OT systems and protocols. These entities need to act as quickly as possible as there are internet tools such as Shodan that can be used to find and expose critical infrastructure systems.
CF: If an entity is attacked, what’s the proper course of action to minimize damage?
BM: Leverage incident response tools and consultants to immediately assess, isolate and remediate any compromised systems.