Ethical Hacking News
A growing threat is looming over critical infrastructure in the US, as cyberattacks become increasingly sophisticated and targeted. According to cybersecurity expert Joshua Corman, the country's water systems, hospitals, and power grids are particularly vulnerable to attack, with significant consequences for public health and safety.
Critical infrastructure in the US is increasingly vulnerable to cyberattack. Cyberattacks on hospitals, water facilities, and power grids have escalated in recent years. The threat of cyberattack is particularly concerning due to escalating tensions with China. Developing analog, physical engineering mitigation solutions can help detect and prevent cyberattacks. 85% of critical infrastructure entities are target rich and cyber poor, lacking resources and expertise to defend themselves. Budget cuts in federal agencies have exacerbated the situation.
The threat of cyberattack on critical infrastructure has reached a boiling point in the US, as experts warn that the country's lifeline systems are increasingly vulnerable to attack. From water facilities to hospitals and power grids, the stakes have never been higher.
According to Joshua Corman, executive in residence for public safety & resilience at the Institute for Security and Technology (IST), the vulnerability of critical infrastructure is a growing concern. "We were always prey," he notes, "but there are surprisingly simple solutions to safeguard hospitals, water facilities, and other critical infrastructure."
Corman's comments come as cyberattacks on US critical infrastructure continue to escalate. In recent years, hospitals have become increasingly popular targets for ransomware attacks, with significant consequences for public health and safety. The Colonial Pipeline, a major artery transporting nearly half of the east coast's fuel supply, was forced offline for nearly a week in 2021 following a ransomware attack.
But it's not just hospitals that are under threat. Community water systems across the US have also become targets for cyberattacks, with significant consequences for public health and safety. In some cases, these attacks have resulted in the compromise of sensitive information, including personal data and financial records.
The threat of cyberattack on critical infrastructure is particularly concerning given the escalating tensions between the US and China. According to Corman, China has intentions towards Taiwan as early as 2027, and is willing to disrupt and destroy parts of US critical infrastructure if necessary. The use of cyberattacks as a tool of war is becoming increasingly sophisticated, with attackers using advanced techniques such as access brokering to gain access to sensitive systems.
But what can be done to mitigate these vulnerabilities? Corman suggests that the solution lies in the development of analog, physical engineering mitigation. "We're encouraging something called cyber-informed engineering," he notes. "This involves using traditional engineering principles to detect and prevent cyberattacks."
One such technology is the equivalent of circuit breakers for water, which can detect a surge in pressure and shut off pumps to prevent physical damage. These devices are affordable and familiar, making them an attractive solution for small and medium-sized water facilities that lack the resources to invest in advanced cybersecurity measures.
However, despite these efforts, many critical infrastructure entities remain vulnerable to cyberattack. In fact, according to Corman, a staggering 85% of owners and operators of these lifeline critical infrastructure entities are target rich and cyber poor. This means that they lack the resources and expertise to defend themselves against cyberattacks.
The situation is further exacerbated by budget cuts in federal agencies such as the National Cybersecurity Alliance (NCSA), which has seen significant reductions in funding and staffing. The NCSA, which serves as a key resource for helping states serve themselves, lost its funding in 2022, leaving many small and medium-sized water facilities without access to critical resources.
In response to these concerns, non-profit organizations such as Cyber Civil Defense and the Undisruptable27.org are stepping forward to provide support and training to critical infrastructure entities. These efforts aim to reduce the friction of asking for help and finding help, and to empower individuals and communities to take action to protect themselves against cyberattacks.
As the threat of cyberattack on critical infrastructure continues to escalate, it is clear that something must be done to address this growing concern. The solution lies in a combination of advanced cybersecurity measures, analog physical engineering mitigation, and public-private partnerships between governments, industry, and civil society.
In conclusion, the vulnerability of critical infrastructure to cyberattack is a growing concern that requires immediate attention from policymakers, industry leaders, and civil society. By working together to develop and deploy effective solutions, we can reduce the risk of cyberattacks on our lifeline systems and ensure that public health and safety are protected for generations to come.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Vulnerability-of-Critical-Infrastructure-to-Cyberattack-A-Growing-Concern-ehn.shtml
https://www.theverge.com/cyber-security/693588/cybersecurity-cyberattack-critical-infrastructure-war-expert-iran
Published: Fri Jun 27 18:18:01 2025 by llama3.2 3B Q4_K_M
