American infrastructure operators were advised to learn to work without the Internet, phone and suppliers.
U.S. authorities have warned operators of critical infrastructure about the risk of devastating cyber attacks by foreign countries. The U.S. Cyber Security and Infrastructure Protection Agency (CISA) said the attackers had already infiltrated the networks on which communication, the economy and the work of the country’s vital services depend.
According to the agency, US opponents are preparing not only for cyber espionage. In the event of a geopolitical conflict, hackers may try to disable the system of management of industrial facilities, as well as disrupt the work of telephone communication and the Internet. The CISA believes that some of the attackers have already entrenched inside the infrastructure and expects the right moment to strike.
Acting Director of CISA Nick Andersen said that organizations should prepare in advance for work in the face of a large-scale crisis. According to him, key services are obliged to continue working even in case of violation of communication and compromise of individual systems.
To prepare for such scenarios, CISA launched the initiative CI Fortify. The programme aims to improve the sustainability of critical infrastructure, including energy, communications, the defense sector and life support services.
The agency recommends that companies provide in advance the ability to isolate technological networks from external connections. It is assumed that during the conflict, communication with service providers, contractors, the Internet and telecommunications networks may become unstable or completely unavailable. In addition, CISA experts advise to proceed from the fact that attackers already have some access to industrial networks.
One of the main measures of protection, the agency calls isolation. Operators are offered to prepare scenarios in which critical systems will be able to continue operation autonomously, without connecting to external networks. To do this, organizations need to identify the most important consumers of services, identify key elements of the infrastructure and update emergency response plans so that facilities can operate safely in isolation for weeks or even months.
The CISA pays special attention to the restoration after the attacks. The agency recommends documenting the infrastructure, back up critical data and regularly working out hardware replacement or switching to manual control. Also, organizations are advised to check in advance the dependence on third-party services, including licensing servers and the business network needed to restore systems.
The CISA believes that such training will help not only with cyber attacks. Measures to improve the autonomy of the infrastructure will allow faster recovery from natural disasters, technical failures and other emergencies.
U.S. authorities have warned operators of critical infrastructure about the risk of devastating cyber attacks by foreign countries. The U.S. Cyber Security and Infrastructure Protection Agency (CISA) said the attackers had already infiltrated the networks on which communication, the economy and the work of the country’s vital services depend.
According to the agency, US opponents are preparing not only for cyber espionage. In the event of a geopolitical conflict, hackers may try to disable the system of management of industrial facilities, as well as disrupt the work of telephone communication and the Internet. The CISA believes that some of the attackers have already entrenched inside the infrastructure and expects the right moment to strike.
Acting Director of CISA Nick Andersen said that organizations should prepare in advance for work in the face of a large-scale crisis. According to him, key services are obliged to continue working even in case of violation of communication and compromise of individual systems.
To prepare for such scenarios, CISA launched the initiative CI Fortify. The programme aims to improve the sustainability of critical infrastructure, including energy, communications, the defense sector and life support services.
The agency recommends that companies provide in advance the ability to isolate technological networks from external connections. It is assumed that during the conflict, communication with service providers, contractors, the Internet and telecommunications networks may become unstable or completely unavailable. In addition, CISA experts advise to proceed from the fact that attackers already have some access to industrial networks.
One of the main measures of protection, the agency calls isolation. Operators are offered to prepare scenarios in which critical systems will be able to continue operation autonomously, without connecting to external networks. To do this, organizations need to identify the most important consumers of services, identify key elements of the infrastructure and update emergency response plans so that facilities can operate safely in isolation for weeks or even months.
The CISA pays special attention to the restoration after the attacks. The agency recommends documenting the infrastructure, back up critical data and regularly working out hardware replacement or switching to manual control. Also, organizations are advised to check in advance the dependence on third-party services, including licensing servers and the business network needed to restore systems.
The CISA believes that such training will help not only with cyber attacks. Measures to improve the autonomy of the infrastructure will allow faster recovery from natural disasters, technical failures and other emergencies.
