In a recent press release, the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) jointly issued a warning about the ongoing threat to U.S. critical infrastructure. The three federal agencies highlighted the activities of “Volt Typhoon,” a group of threat actors believed to be working under the direction of the Chinese Communist Party (CCP), posing a significant challenge to operators of transportation, commerce, clean water, and electricity services.
According to the warning, Volt Typhoon exploits online assets that have not been updated with the latest vulnerability patches. In response to this threat, Fortress Information Security has teamed up with leading power companies in the U.S. to reduce exposure from external threats by ensuring prompt notification of security updates and implementing their File Integrity Assurance (FIA) solution. This advanced solution automates patch management and offers a mechanism to verify software identity and integrity before installing patches, thus helping utilities streamline the process of monitoring patch sources and preventing malicious updates from compromising the integrity of utility companies’ assets.
Moreover, FIA also serves as a cost-effective way for companies to comply with Critical Infrastructure Protection 007 & 010 (CIP-007 and CIP-010) standards set by the North American Electric Reliability Corporation, the industry-accepted security standards governing North America’s Bulk Electric System (BES).
Fortress CEO and co-founder Alex Santos emphasized the importance of CIP compliance for critical infrastructure companies, stating that FIA provides a more economical means for companies to meet these standards while enhancing their overall security posture. In light of recent findings by Fortress researchers, which revealed that a substantial portion of software used by U.S. electric companies contained contributions from developers associated with Russia or China, Santos reiterated the critical need for enhanced security measures to protect against vulnerabilities inherent in software supply chains.
The research conducted by Fortress uncovered that software products with components from Russia or China were significantly more likely to contain vulnerabilities, including critical ones that pose a significant risk to systems and data. This underscores the urgent need for heightened cybersecurity measures to counter the growing threat posed by malicious actors targeting critical infrastructure assets.
In light of the SolarWinds attack in 2020 and the ongoing activities of groups like Volt Typhoon targeting utility providers, Santos emphasized the critical role of software security in preventing cyberattacks. He stressed the importance of adopting innovative solutions like FIA to proactively close security gaps and safeguard against potential threats posed by adversaries.
Furthermore, Fortress’s analysis of Software Bills of Materials (SBOMs) for SMB network gear and traditional OT equipment revealed that known vulnerabilities in these systems often remain unaddressed for extended periods, leaving them susceptible to exploitation by threat actors. FIA provides an added layer of defense by alerting users promptly about new updates and ensuring the authenticity and integrity of software updates to prevent unauthorized access to systems.
In conclusion, the collaboration between Fortress Information Security and major power companies in the U.S. underscores the urgent need for robust cybersecurity measures to safeguard critical infrastructure assets from evolving threats. By equipping utility providers with advanced solutions like FIA, organizations can enhance their security posture and mitigate the risks associated with cyberattacks targeting essential services.