Cyberattacks on Critical Infrastructure to Worsen in 2021: Here’s How to Protect Your Data


Cyberattacks can be disruptive, damaging, and downright annoying — and the impact is even bigger on critical infrastructure that is increasingly being targeted by threat actors. Sam Roguine, Backup, DR, and Ransomware Prevention Evangelist at Arcserve, says cyberattacks on critical infrastructure and industrial control systems will become one of the biggest threats to society in the coming year. It’s time to expand data protection and security protocols to account for changes in the risk landscape.

Cyberattacks are a major threat to any industry. For companies in critical sectors like oil and gas, among others, the impact of a cyberattack could be significantly more far-reaching. 

Cybercriminals attack the systems most essential to a company’s bottom line, especially if they’re using ransomware in an attempt to solicit a payout in return for a decryption key. The EKANS ransomware strain that has recently gained notoriety, for example, is specifically designed to target industrial control systems (ICS). An attack on ICS places an extreme amount of pressure on IT teams tasked with a smooth recovery, so they may be more likely to pay up quickly to minimize disruptions.

In the past year, cyberattacks like the ones that affected the multinational energy company Enel Group, which was hit twice by different ransomware strains within six months, have shown that critical infrastructure industries are under increasing threat. Looking toward 2021, ransomware operators will continue to capitalize on their success by targeting critical systems and evolving their methods to target industries essential to keeping society up and running. To account for this increased risk in the future, it’s important for companies in critical industries to expand their data protection and security protocols now.


Developing a Response Plan To Minimize Downtime

With critical industries, one of the main concerns of recovery is keeping downtime to a minimum to prevent widespread impact. The first step in developing a plan should be defining your recovery point objectives (RPOs) and recovery time objectives (RTOs) for each system and application in your network. While every application might feel critical in a critical industry, a near-zero RTO and RPO for your entire network is unrealistic and might cause added confusion if those tasked with recovery don’t know what to prioritize. Instead, categorize systems and applications by risk: determine what would have the biggest negative impact if it weren’t recovered quickly, and go from there.

While losing data may not be as immediate a threat as an attack that disrupts critical operations like power and gas, it’s still important to safeguard the data that these industries generate against loss. Not only might this data contain information that’s vital to the recovery process, but compliance regulations also need to be considered. With new regulations like California’s Consumer Privacy Act, IT needs to govern where and how data is stored and how quickly it needs to be accessible. Those working in critical industries need to ensure that data is backed up even if recovering it isn’t an immediate priority. Storing these backups separately from the main network can help ensure they remain clean.

Integrating cybersecurity with data protection can also help make the recovery process smoother by streamlining IT’s efforts. Taking a two-pronged approach will reduce the time between detection of an attack or breach and kickstarting backup and recovery protocols, which will make attacks overall less damaging. This integration is also beneficial for those dealing with tighter budgets due to COVID-19, which will be particularly relevant in the coming year. 


Getting Critical Infrastructure Workers Prepared

A plan is also only successful if the people involved know their roles. Cyberattacks aren’t just an IT issue; they also have a significant business impact, so members of every department need to be involved in the planning process. For industrial operations, in particular, clear communication in the event of an attack is non-negotiable, as attacks that compromise these sectors can potentially be life-threatening – developing a communications response with your crisis team should be a top priority. 

Earlier this year, MITRE released an update to their ATT&CK knowledge framework that specifically addresses the tactics that cybercriminals use when attacking ICS – and tips for how to defend against them. IT and security professionals working in critical infrastructure should refer to this framework as they build their attack response plans to know what to look out for when securing these systems. Continuously testing these plans and evolving them to address any weaknesses will ensure they work when put into action and that employees know how to respond to a real crisis.

As digital transformation accelerates and attack surfaces expand, 2021 is sure to bring a variety of new cyber threats. Despite the ever-changing risk landscape, we can’t ignore attacks that threaten the foundations of our society. Cyberattacks affecting critical infrastructure will only increase as cybercriminals realize just how damaging they can be. So, IT pros working in these critical industries need to understand the risks and put a plan in place before an attack happens, so they aren’t (literally) left in the dark. 
