Safeguarding the Nation’s Critical Infrastructure 

This week’s National Cybersecurity Awareness Month (NCSAM) theme is “Safeguarding the Nation’s Critical Infrastructure.” The 16 critical infrastructure sectors are designated by the Department of Homeland Security as crucial to the nation’s safety, security, and wellbeing.

Cyberattacks to critical infrastructure are often very large in scale, could pose physical safety concerns, and may have catastrophic consequences.

To shed light on potential impact, we wanted to share a few examples of recent cyber incidents and threats to each of the 16 critical sectors of infrastructure.

Financial and data theft:

Potential for physical damage and injury:

  • Chemical: A recent cyberattack on a chemical company in Saudi Arabia would have caused a deadly explosion if not for an error in the malicious computer code.
  • Dams: A New York dam was semi-successfully taken over by a “hacktivist” group. A more successful attack could cause severe flooding.
  • Nuclear Reactors: Materials, and Waste: The business operation side of a U.S. nuclear power plant was breached in a fortunately limited attack.

Potential effects on health and wellbeing:

  • Healthcare and Public Health: An Indiana hospital recently shut down for several days following a ransomware attack. A hospital breach exposes sensitive data and could shut down life-saving equipment.
  • Communications: Telephone denial-of-service (TDoS) attacks render a telephone line unusable by flooding it with simultaneous calls, and can be targeted to shut down the 911 network.
  • Food and Agriculture: Modern, high-tech agriculture is vulnerable to cyberattacks – a hit on the power supply, autonomous equipment, or R&D could cause severe food shortages.
  • Water and Wastewater Systems: A U.S. water treatment plant was breached by hackers, who were able to change chemical levels on tap water and steal sensitive data.
  • Emergency Services: Baltimore’s emergency dispatch system was hit with ransomware, forcing manual tracking and dispatching for almost 24 hours.
  • Defense Industrial Base: The U.S. Office of Personnel Management suffered a security breach exposing sensitive data about weapons manufacturers and employees.

Severe disruptions in operations:

  • Transportation Systems: San Francisco’s public transit system suffered a ransomware attack, forcing the city to allow free travel.
  • Energy: In 2015 Ukraine suffered the first known successful cyberattack on a power grid, causing a total blackout.
  • Information Technology: The DHS recently issued a warning that Managed Service Providers are under attack due to their high-level access to IT systems.
  • Government Facilities: The city of Atlanta was a victim of a costly ransomware attack that left countless city services and programs shut down.
  • Critical Manufacturing: An undisclosed critical infrastructure facility recently had its operations brought to a halt by a malware attack.

Cybersecurity is our shared responsibility. Everyone plays a critical role in protecting our nation’s critical infrastructure. By staying aware of potential danger and solutions, we can all do our part.

Stay Safe,

Your Friends @ Defendify

Resources & insights

Why You Could Be Denied Cyberattack Insurance Coverage
Blog
Why You Could Be Denied Cyberattack Insurance Coverage
As you’re working toward achieving robust cybersecurity, the subject of cyber attack insurance coverage is sure to enter the discussion. Maybe you’ve already delved into this topic, as cyber insurance has become an essential cornerstone of every information security program. Many overriding factors will affect your ability to obtain and retain the coverage you need at a reasonable rate—and a successful approach is tied closely to a comprehensive cybersecurity posture.
Cost of a Cyberattack vs. Cybersecurity Investment
Blog
Cost of a Cyberattack vs. Cybersecurity Investment 
Detailing the cost of a cyberattack versus the ROI of a cybersecurity investment enables leadership to see cybersecurity solutions are worth it.
Defendify Listed as a High Performer in Six G2 Grid Categories
Blog
Defendify Listed as a High Performer in Six G2 Grid Categories
The Defendify Cybersecurity Platform has been listed as a High Performer in six Summer 2022 Data Security Software Category Reports on the technology review site G2.

Protect and defend with multiple layers of cybersecurity

Faster. Smarter. Stronger.

Explore layered
security

Learn more about Defendify’s three key layers and All-In-One cybersecurity.

How can we help?

Schedule time to talk to a cybersecurity expert to discuss your needs.

See how it works

See how Defendify’s platform, modules, and expertise work to improve security posture.