The collapse of the Francis Scott Key Bridge in Baltimore, Md., in late March created a wave of concern across the nation. Initial speculation and conspiracy theories surrounding the cause of the collapse, including fears of a cyberattack, led to widespread unease. While investigations eventually ruled out deliberate sabotage, the incident highlighted the vulnerability of physical infrastructure to potential threats.
The incident served as a stark reminder of the potentially devastating impact of cyberattacks on US infrastructure and human safety. It also shed light on a larger issue at hand: the general lack of awareness regarding cyber risks to critical infrastructure. Whether the collapse was a result of foul play or not, it underscored the looming risk to critical infrastructure that remains very real and potentially imminent if not addressed promptly. While the physical attack brought the possibility of cyberattacks to the forefront of public consciousness, there are numerous unseen threats lurking beneath the surface that pose equally significant dangers.
Despite physical incidents grabbing headlines and public attention, silent and invisible cyberattacks on critical infrastructure often go unnoticed and poorly understood. The recent MITRE breach serves as a prime example, where a breach through Ivanti zero-day vulnerabilities affected 1,700 entities but flew under the radar of most Americans. While this breach did not result in visible damage, it did lead to unauthorized access to sensitive data, posing risks to national security and intelligence operations.
The disconnect between public perception and cyber threats is a pressing issue that cannot be ignored. It is essential to combat misinformation and raise awareness about cyber risks facing critical infrastructure to bolster collective resilience against evolving challenges in the cyber realm.
The public’s reaction to the Francis Scott Key Bridge collapse highlighted a collective anxiety about cyber threats to critical infrastructure. While references to fictional scenarios like the Netflix movie “Leave the World Behind” fueled fear and anxiety, it also presented an opportunity for reflection and action to improve critical infrastructure security. Society’s tendency to attribute physical events to deliberate human actions more readily than cyberattacks can impact the severity and urgency of responding to cyber threats—a significant challenge that must be addressed.
As the election season approaches, there is a critical opportunity for voters to advocate for policies that enhance critical infrastructure security. Recognizing the link between cyber and physical threats and understanding the real-world consequences of cyber incidents can drive greater investment and action to safeguard the nation’s infrastructure.
A recent poll revealed that 81% of Americans are concerned about the security of critical infrastructure, indicating a growing awareness of the issue. However, there is a need for more education and awareness surrounding cyber risks to critical infrastructure. Initiatives such as the Cybersecurity Education and Training Assistance Program (CETAP) aim to enhance cybersecurity education at all levels, but more significant policy changes are necessary to prioritize cybersecurity across critical infrastructure industries.
Taking a proactive approach to cybersecurity through measures like zero-trust strategies, continuous monitoring, and regular updates can help prevent incidents before they happen. By fostering a culture of cyber literacy and proactive risk mitigation, stakeholders can effectively respond to cyber threats and work towards a secure future where misinformation and distorted perceptions do not exacerbate national security threats. By staying informed, educated, and proactive, we can build a resilient and secure infrastructure for tomorrow.