Attacks On Critical Infrastructure

Critical infrastructure vendors are not used to having to defend their assets against sophisticated cyber adversaries, and typically have small IT teams with limited security specialists, according to Anthony James, Infoblox’s vice president of product marketing. These companies don’t have large offices or data centers, and proceeds tend to be invested into ramping up electricity or oil production, James said. 

However, critical infrastructure equipment is typically IP-enabled for manageability and centralized control, which James said makes it vulnerable to cyberattacks just like hospitals or medical equipment. Critical infrastructure environments are highly distributed with limited compute power, meaning that oil rigs don’t have an IT team tasked with ensuring the network connection isn’t attacked or compromised.

IP-enabled equipment should be separated from the core network whenever possible, James said, air-gapping devices that are critical to business operations but don’t require internet access. Critical infrastructure vendors should assess which devices actually need to connect to the management console and put policies in place to otherwise restrict what’s allowed to communicate with the console.