US critical infrastructure operators should prepare for retaliatory cyberattacks
US President Joe Biden has urged companies in critical infrastructure sectors to shore up their defenses against potential cyberattacks.
“Most of America’s critical infrastructure is owned and operated by the private sector and critical infrastructure owners and operators must accelerate efforts to lock their digital doors,” he noted, and advised those that have not yet done it to harden their cyber defenses by implementing security best practices delineated earlier this year.
“[This warning is] based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks,” he added.
US Deputy National Security Advisor Anne Neuberger has followed up the warning with a press briefing, during which she stated that “there is no certainty there will be a cyber incident on critical infrastructure,” but that owners and operators of critical infrastructre have the ability and the responsibility to harden the systems and networks the country relies on.
She shared that last week, federal agencies hosted classified briefings with several hundred companies in sectors they felt would be most affected, and “provided very practical, focused advice.”
Previously, the Cybersecurity and Infrastructure Security Agency (CISA) released guidance to help critical infrastructure owners and operators identify and mitigate the risks of influence operations that use mis-, dis-, and malinformation (MDM) narratives.
Neuberger also said that US agencies have not yet attributed the recent attack on satellite communications company Viasat. Nevertheless, the attack has been followed by a CISA alert advising SATCOM network providers or customers on how to upgrade their defenses.
A trigger for important conversations
Neuberg has been repeatedly asked by the press whether this latest warning for critical infrastructure operators is due to the agencies seeing evidence of or anticipating a cyberattack on specific targets.
She noted that they are seeing some preparatory activity and they shared that info with the private sector companies, but that this warning was to raise broader awareness on the need to up cybersecurity defenses.
Robert M. Lee, co-founder and CEO at industrial cyber security company Dragos, Inc, noted that thought this warning might not be actionable enough for cybersecurity personnel, it’s important messaging for senior executives, and can be used to drive a conversation on current defenses and future plans.
“Most teams aren’t staffed to make big quick changes and most orgs couldn’t support that anyway. However laying out and advising on what would be appropriate for the next crisis and using this as an opportunity to practice the IR plan would be appropriate and valuable,” he added.