The United States’ critical infrastructure is the engine of our industrial economy. As these sectors have transitioned to digital operations in recent years, they have also introduced new levels of security vulnerabilities that threaten the core of this engine.
The grid and energy-related infrastructure are particularly vulnerable to both physical and cyberattacks. Given the aging infrastructure and the many interconnected networks of its industrial control systems, it is not surprising that threat actors would actively map and attack energy facility networks.
The primary issue is the mismatch between an outdated electric grid in desperate need of modernization and adversaries with rapidly increasing resources and sophistication. Consequently, energy infrastructure faces a broad range of attacks, including ransomware, botnets, phishing, and the exploitation of software flaws and malware infections that leave networks exposed, from terrorists, hostile insiders, and physical intruders, while many operators lack the resources necessary for active defense.
To win this fight, the sector must learn to defend its information technology (IT), operational technology (OT), and industrial control systems (ICS) against cyberattacks. Each has its own access points, operational constraints, and mix of new and legacy technology.
Defending the IT/OT Convergence
Industrial control systems span both physical and digital connectivity, and together with the OT and IT networks around them they form the foundation of electric utility networks. The severity of a cyberattack on an industrial control system depends largely on whether attackers were able to move from the internet-connected IT systems into the OT systems that operate the physical equipment.
The convergence of OT and IT networks enlarges the attack surface, and adversaries exploit the connectivity between the two. Additionally, practices that are effective in IT can undermine OT if applied unchanged: an update that interferes with a real-time control function can do more harm than the flaw it fixes, so routine patching is often not an option and compensating controls (segmentation, monitoring, strict access control) must carry the load instead.
Another factor is the arrival of new enabling technologies that increase attackers' capabilities. Artificial intelligence is making cyberattacks more sophisticated by helping attackers find security flaws and automate phishing campaigns. Attackers now have a better understanding of control systems and of integrated OT and IT infrastructures, and they may deploy purpose-built malware against power plants and other energy assets. This is another factor contributing to the sector's increased vulnerability.
Additionally, any threat matrix must account for the grid's susceptibility to malicious and natural events beyond cyberattacks. These include physical attacks (terrorism, explosives, electromagnetic pulse, or EMP), weather events (lightning), geomagnetic superstorms driven by solar activity (such as the 1859 Carrington Event), cascading failures from overload, and blackouts caused by human error. Prioritizing digital attacks is crucial, but protecting critical infrastructure requires a comprehensive strategy.
How to Strengthen Our Vital Network and Infrastructure Defense
The energy sector should follow a number of themes and precautions to reduce risk:
- Have a plan and be ready. Because attackers' methods, tools, and malware variants evolve constantly, it is crucial to continually reassess and adapt to the energy cyber-threat landscape. Emerging technology is changing both the offensive and the defensive side of cyber and physical security.
- Encourage public-private partnerships. The public and commercial sectors must continue to share cybersecurity information as a cooperative strategy. Public-private partnerships have become a primary emphasis of DHS CISA in safeguarding critical infrastructure.
- Update and abide by industry standards, particularly those covering SCADA (Supervisory Control and Data Acquisition). Power companies run many SCADA networks to manage their industrial systems, and they need to update and harden them to withstand growing cybersecurity threats. Relevant standards and guidance include NIST SP 800-82 (guidance on OT/ICS security), IEC 62443, and ISO/IEC 27001. The cybersecurity requirements of the Federal Energy Regulatory Commission (FERC), the U.S. Nuclear Regulatory Commission (NRC), the North American Electric Reliability Corporation (the NERC CIP standards), and the National Institute of Standards and Technology (NIST) are also important for the energy sector to implement.
- Monitor access control. Which networks, sensors, devices, and equipment hold privileged access, and is that access monitored? Strong access management and a tested cyber incident response program are essential.
- Invest in next-generation defenses. Innovative technologies keep appearing, and because the technology landscape is changing, investment in cybersecurity and next-generation security procedures is critical, including automation tools that use artificial intelligence.
- Protect supply chains. The challenge comes down to visibility: understanding what is connected across the supply chain, knowing how best to protect the most important assets, and having effective strategies in place for mitigating and remediating security incidents and breaches.
- Manage risk. A thorough risk management approach is the most efficient way to deal with these issues. There are several frameworks to consider, including:
  - Security by Design, which calls for building security in from the start so that systems are flexible and resilient and can detect, identify, and respond to emerging threats, rather than relying on controls bolted on afterwards.
  - Defense-in-depth, which layers cybersecurity technology, procedures, air-gapping where feasible, hardening, encryption of sensor data, and OT/IT segmentation (for example, a DMZ between the business network and the control network) so that no single failed control exposes the physical process.
  - Zero Trust, a developing collection of cybersecurity paradigms that shifts defenses away from static, network-based perimeters and toward users, assets, and resources, so that no request is trusted simply because it originates inside the network. Applying these concepts in a zero-trust architecture (ZTA) is especially important for enterprise and industrial infrastructure and workflows.
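To make the access-monitoring, segmentation, and zero-trust points above concrete, here is an added example (written for this page, not code from the original article or from any utility or vendor) that audits firewall flow logs against a deny-by-default IT/DMZ/OT segmentation policy. The zone address ranges, the jump-host and historian addresses, the allow-list rules, the log line format, and the sample log lines are all constructed assumptions for illustration; a real deployment would load its own address plan and rules and feed the audit from its firewall or flow-collector exports.

```python
import ipaddress
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple, Union

Addr = ipaddress.IPv4Address
Scope = Union[ipaddress.IPv4Network, ipaddress.IPv4Address]

# Hypothetical address plan for the three layers (an assumption for this example).
ZONES = {
    "IT": ipaddress.ip_network("10.1.0.0/16"),    # business network
    "DMZ": ipaddress.ip_network("10.2.0.0/24"),   # brokered access between IT and OT
    "OT": ipaddress.ip_network("10.3.0.0/16"),    # controllers and engineering stations
}
JUMP_HOST = ipaddress.ip_address("10.2.0.10")  # assumed DMZ engineering jump host
HISTORIAN = ipaddress.ip_address("10.2.0.20")  # assumed DMZ data historian


@dataclass(frozen=True)
class Rule:
    src: Scope
    dst: Scope
    ports: frozenset
    note: str


# Allow-list of sanctioned cross-zone flows. Anything not listed is denied,
# which is the deny-by-default posture zero trust and segmentation both require.
RULES = [
    Rule(ZONES["IT"], JUMP_HOST, frozenset({22, 3389}), "IT engineers reach OT only via the jump host"),
    Rule(JUMP_HOST, ZONES["OT"], frozenset({22, 502, 44818}), "jump host to controllers: SSH, Modbus/TCP, EtherNet/IP"),
    Rule(ZONES["OT"], HISTORIAN, frozenset({5432}), "controllers push telemetry to the DMZ historian"),
    Rule(ZONES["IT"], HISTORIAN, frozenset({443}), "IT reads the historian over HTTPS"),
]


def _matches(scope: Scope, addr: Addr) -> bool:
    if isinstance(scope, ipaddress.IPv4Network):
        return addr in scope
    return addr == scope


def zone_of(addr: Addr) -> str:
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "EXTERNAL"


def policy_allows(src: Addr, dst: Addr, dport: int) -> Optional[Rule]:
    """Return the matching allow rule, or None when the flow is not explicitly permitted."""
    for rule in RULES:
        if _matches(rule.src, src) and _matches(rule.dst, dst) and dport in rule.ports:
            return rule
    return None


def is_permitted(src: str, dst: str, dport: int) -> bool:
    return policy_allows(ipaddress.ip_address(src), ipaddress.ip_address(dst), dport) is not None


# Assumed log format; adapt the pattern to the firewall actually in use.
LINE_RE = re.compile(r"src=(\S+)\s+dst=(\S+)\s+proto=tcp\s+dport=(\d+)\s+action=(allow|deny)")


def audit(lines: List[str]) -> List[Tuple[str, str, str, int]]:
    """Compare observed firewall decisions with the segmentation policy.

    Finding kinds:
      bypass - the firewall ALLOWED a flow the policy does not permit; this is a
               misconfiguration or an unreviewed rule change that opens a path
               from IT (or the internet) straight into OT, or lets OT egress.
      probe  - the firewall DENIED an unsanctioned cross-zone flow; worth alerting
               on because adversaries map OT reachability before they attack.
    """
    findings = []
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue  # unparseable line: skip here, count it in production
        src, dst = ipaddress.ip_address(m.group(1)), ipaddress.ip_address(m.group(2))
        dport, action = int(m.group(3)), m.group(4)
        permitted = policy_allows(src, dst, dport) is not None
        crosses = zone_of(src) != zone_of(dst)
        if action == "allow" and not permitted:
            findings.append(("bypass", str(src), str(dst), dport))
        elif action == "deny" and crosses and not permitted:
            findings.append(("probe", str(src), str(dst), dport))
    return findings


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    "2024-05-01T10:01:02Z fw=edge src=10.1.4.20 dst=10.2.0.10 proto=tcp dport=3389 action=allow",
    "2024-05-01T10:01:09Z fw=edge src=10.2.0.10 dst=10.3.1.5 proto=tcp dport=502 action=allow",
    "2024-05-01T10:03:41Z fw=edge src=10.1.4.20 dst=10.3.1.5 proto=tcp dport=502 action=allow",
    "2024-05-01T10:04:12Z fw=edge src=10.1.7.9 dst=10.3.1.6 proto=tcp dport=44818 action=deny",
    "2024-05-01T10:05:00Z fw=edge src=10.3.1.5 dst=10.2.0.20 proto=tcp dport=5432 action=allow",
    "2024-05-01T10:05:30Z fw=edge src=10.3.1.7 dst=203.0.113.8 proto=tcp dport=443 action=allow",
]

if __name__ == "__main__":
    for kind, src, dst, dport in audit(SAMPLE_LOG):
        print(f"{kind:6} {zone_of(ipaddress.ip_address(src))}->{zone_of(ipaddress.ip_address(dst))} "
              f"{src} -> {dst}:{dport}")
```

The third sample line is the one that matters most: the firewall let an IT workstation talk Modbus/TCP directly to a controller, which the allow-list forbids, so the audit reports a bypass even though the traffic "looked normal" to the firewall. The fourth line was blocked but still surfaces as a probe, since a denied IT-to-OT attempt on an ICS protocol port is exactly the reconnaissance the article warns about. The last line catches OT egress to an external address, the pattern a compromised engineering station would show when beaconing out.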
Although all 16 critical infrastructure sectors face security risks, the energy sector is a particularly attractive target. The Department of Energy, industry, and CISA are collaborating to protect it against these dangers. In an era of increasing threats, cybersecurity and modernization will require more investment and faster adoption of emerging defensive technologies.