The recent attack on the United States by the Volt Typhoon has caused great concern for the nation’s infrastructure. Experts warn that the attack is part of an ongoing effort by Chinese hackers to disrupt critical infrastructure in the country. The attack has also raised concerns about the vulnerability of the nation’s water and wastewater ICS/OT systems, which could lead to operational disruptions and safety risks.
Since the attack, various companies, including Johnson Controls and Schneider Electric, have reported being targeted by ransomware attacks. Johnson Controls estimated that the ransomware attack against them cost $27 million, while Schneider Electric confirmed that they were also hit by a ransomware attack. These incidents highlight the growing threat of ransomware in the OT sector and the need for increased security measures to protect against such attacks.
In response to these threats, a bill has been proposed to add ICS security to the President’s Cup Cybersecurity Competition. The bill aims to enhance cybersecurity measures for critical infrastructure and strengthen defenses against cyberattacks.
Amidst these threats, the U.S. House Energy Subcommittee held a hearing to discuss the safeguarding of drinking water infrastructure from cyberattacks. During the hearing, Dragos CEO and Founder, Robert M. Lee, testified before the U.S. Congressional Subcommittee on Cybersecurity and Infrastructure Protection to address the urgent need to secure operational technology in the U.S. water sector. The purpose of the hearing was to examine the steps needed to secure ICS/OT systems in the water and wastewater sector, which are essential for maintaining the nation’s critical infrastructure.
In addition to these developments, the Control Loop Learning Lab discussed the importance of building community in the OT sector. Dragos Strategic Accounts Director Sam Van Ryder, along with Mark Urban, emphasized the need for community collaboration to enhance cybersecurity and protect against potentially destructive cyber attacks. The Dragos Community Defense Program was also highlighted, providing free access to Dragos OT cybersecurity technology for qualifying utility providers to better protect their communities from cyber threats.
To further address the growing concern over the vulnerability of critical infrastructure, a companion monthly newsletter has been introduced to provide an in-depth understanding of the current state of OT cybersecurity. The newsletter offers free subscription and can be accessed through N2K Networks website.
As the threat of cyberattacks on critical infrastructure continues to grow, it is essential for organizations and policymakers to take proactive measures to strengthen cybersecurity and protect against potential disruptions. The recent incidents and proposed initiatives highlight the need for heightened security measures and collaborative efforts to safeguard the nation’s critical infrastructure from cyber threats.