As part of raising awareness during National Cybersecurity Awareness Month (NCSAM), each week in October we will feature a topic centered around the theme “our shared responsibility.” In our final installment, we feature the importance of securing our critical infrastructure and highlight the roles the public can play in keeping it safe..
THERE HAS BEEN A 400% RISE IN REPORTED CRITICAL INFRASTRUCTURE ATTACKS FROM 2013 TO 2016.
Our day-to-day life depends on the country’s 16 sectors of critical infrastructure, which supply food, water, financial services, public health, communications and power along with other networks and systems. A disruption to this system, which is operated via the internet, can have significant and even catastrophic consequences for our nation.
Statistics: Critical Infrastructure is at Risk
- The number of attacks reported to the U.S. Department of Homeland Security’s ICS-CERT cybersecurity response team has gone up almost 400% since 2013 – jumping from 73 to 290 incidents in 2016. [1.]
- Of the 290 incidents reported to the ICS-CERT cybersecurity response team in 2016:
- 63 were in the Critical Manufacturing Sector
- 62 in the Communications Sector
- 59 in the Energy Sector [2.]
- The number one risk to critical infrastructure? Spear phishing, which represented 26% of incidents reported to the DHS ICS-CERT. [3.]
#CyberAware Tips for Critical Infrastructure Professionals
When in doubt, throw it out: Links in email, tweets, posts and online advertising are often how cybercriminals try to access your information. If it looks suspicious, even if you know the source, it’s best to delete or, if appropriate, mark it as junk.
Safer for me, more secure for all: If everyone does their part – implementing stronger security practices, raising community awareness, educating vulnerable audiences or training employees – our interconnected world will be safer, more resistant from attacks and more resilient if an attack occurs.
Lock down your login: Your usernames and passwords are not enough to protect key accounts like email, banking and social media. Strengthen online accounts and use strong authentication tools – like biometrics, security keys or a unique, one-time code through an app on your mobile device – whenever offered.
Keep a clean machine: Keep all software on internetconnected devices – including personal computers, smartphones and tablets – current to reduce risk of infection from ransomware and malware.
Useful Resources:
- ICS-CERT: https://ics-cert.us-cert.gov/
- Homeland Security: Critical Infrastructure Security:
https://www.dhs.gov/topic/critical-infrastructuresecurity - NIST Framework for Improving Critical Infrastructure: https://www.nist.gov/publications/framework-improving-critical-infrastructure-cybersecurity-version-11
References:
[1.] ICS-Cert Year in Review 2016: http://bit.ly/2nq7GfH
ISA New Orleans Section 