April 2, 2023

Last week, a major cyber attack crippled one of the largest pipelines in the United States (US), Colonial Pipeline, which carries about 45% of all fuel consumed on the country’s East Coast. The attack disrupted fuel supplies and caused a surge in gas prices in some parts of the country. DarkSide a Russian group involved in the attack and nearly $5 million was paid as ransom. This attack shows how vulnerable the critical infrastructure to attacks and need a revamp on broader terms by which any disruption will get prevented from happening

Attacks targeting critical infrastructure and businesses have surged recently. These include the 2017 WannaCry and NotPetya ransomware attacks, the 2015 attack on Ukrainian power grids and 2010 Stuxnet attack on Iranian nuclear reactor. Causing millions, billions of damages

India too has not escaped the impact of such debilitating cyberattacks. The NotPetya attack had infected computer network of Maersk, which disrupted global supply chain to a larger extent. Most recently, a China-linked hacker group RedEcho targeted India’s power sector, ports and parts of the railway infrastructure, affecting Mumbai.

CERT and NCIIPC have noted several such attacks on India’s critical infrastructure. This has made critical infrastructure protection a major cybersecurity priority for India.

Critical infrastructure operators have resorted to plugging the security gaps in their systems whenever faced with a cyberattack or data breach. Indian regulators have often complained that this reticent approach of operators and businesses is tactical and short-term, overlooking the possibility of concerted cyber warfare by adversarial States against India.

Given the mutual distrust and vulnerability of public and private sector, any solution involves sharing responsibility through a public-private partnership for critical infrastructure protection. These should focus on building an institutional framework, expanding and deepening capacity, creating security standards and strict audits and evolving a cybersecurity incident reporting framework.

Threat canvas and vulnerabilities are expanding. An integrated, whole-of-the-ecosystem approach is inevitable for securing critical infrastructure will be successful

Tags:

Leave a Reply

Related Post

PwnedPiper Threatens PTS

PwnedPiper Threatens PTS

August 2, 2021
Schneider Electric PLC Bug

Schneider Electric PLC Bug

July 13, 2021

You may have missed

TheCyberThrone Security Week In Review –April 1st, 2023

TheCyberThrone Security Week In Review –April 1st, 2023

April 2, 2023
TheCyberThrone CyberSecurity Newsletter Top 5 Articles – March 2023

TheCyberThrone CyberSecurity Newsletter Top 5 Articles – March 2023

April 2, 2023
IBM Aspera Vulnerability Exploited to install Ransomware

IBM Aspera Vulnerability Exploited to install Ransomware

April 1, 2023
Italy temporarily bans ChatGPT

Italy temporarily bans ChatGPT

April 1, 2023
Cylance Ransomware Dissection

Cylance Ransomware Dissection

April 1, 2023
WordPress Elementor Pro Plugin Vulnerability

WordPress Elementor Pro Plugin Vulnerability

April 1, 2023
%d bloggers like this: