EU-NATO task force on the resilience of critical infrastructure (KRITIS) in Europe declares energy, transport, digital infrastructure and space as key areas particularly worthy of protection.
Discussions about how CRITIS can be best protected are also increasing in Germany. The four key areas that, according to the recently published EU/NATO paper, offer increased vulnerability to cyber attacks and are therefore particularly worthy of protection are energy, transport, digital infrastructure and space. Attacks on these targets are extremely worthwhile for criminals and saboteurs because of the potential damage to society.
Special challenges in Germany
This problem is particularly pronounced in Germany, as almost four fifths of critical infrastructure is in private hands. This creates challenges in terms of transparency and standardization of security practices. Approaches that effectively use human expertise can help identify vulnerabilities, keep the attack surface as small as possible and the security risk low.
Digitalization undoubtedly offers many advantages: the global exchange of information and data in a matter of seconds and automation in production are just two examples. But where there is a lot of light, there is also shadow. As the digital world becomes more complex, the points of attack for malicious actors are becoming more complex and the effects more devastating.
Increasing the attack surface: vulnerabilities and supply chain attacks
Critical infrastructures require more attention right now, as the threat situation is worsening in various places: coordinated cyber attacks are currently taking place in the war over Ukraine. This is also a serious danger for Germany, which has expressed its support for Ukraine, as Kiev's allies are also increasingly being targeted by the attackers.
Cybercriminals want to achieve maximum damage with as little effort as possible. To do this, they look for vulnerabilities in potential targets that they can abuse for their own purposes. Forgotten legacy systems, unpatched software, misconfigurations or weak credentials can be a gateway into the network for attackers. Malware often does not enter the system directly via the in-house IT, but rather through security gaps in external companies, such as suppliers, software providers or partners. If supply chains are taken into account, the attack surface for critical infrastructures increases significantly. Regulatory efforts are being made to counteract this fact by also applying increased security requirements to partners of KRITIS companies. However, a company's infrastructure is only as strong as its weakest link.
Strengthen prevention
The worsening threat situation can be seen in the fact that cybercriminals are increasingly exploiting vulnerabilities that have previously played a minor role in the cyber hygiene of IT security teams. This shows that critical infrastructures need to adapt their security approach. Prevention must be strengthened and the ability to respond to security breaches must be improved. Anomalies and suspicious behavior must be identified as quickly as possible in order to initiate the necessary measures.
However, most IT security solutions work reactively and only detect damage when it is already in the system or when an attacker is trying to penetrate through a vulnerability. But how can you prevent an attack from even taking place? This requires more unconventional ideas and methods. Such specific problems can be solved by experienced specialists who carry out their analysis in the same way as attackers.
Find back doors
To do this, organizations have their systems hacked by so-called white hats to find out where undetected vulnerabilities are. These are ethical hackers who work together around the clock and across time zones to keep a close eye on vulnerable networks. VDP and bug bounty programs encourage security professionals to search for new and innovative vulnerabilities. Gaps or “backdoors” that many malicious actors use to gain access to critical infrastructure networks – just think of log4j – can be detected and subsequently closed. However, an immediate patch is the prerequisite for this.
As an additional precaution, companies can also require third-party providers to adopt comparable security protocols, which will help improve the cyber hygiene of all links in a software chain and strengthen the security of critical infrastructure networks.
Create synergies
One way critical infrastructure can be strengthened against the growing cyber threat is through collaboration between industry, government and the public. The EU/NATO paper speaks of synergies, both between individual member states and between institutions and organizations. By collaborating with others and openly sharing information, security teams can build strength in numbers, learn from previous events and ultimately build trust - which is critical for organizations working with critical infrastructure, according to Chris Dickens, senior solutions engineer , HackerOne.
More at HackerOne.com
About HackerOne HackerOne closes the security gap between what companies own and what they can protect. HackerOne's Attack Resistance Management combines the security expertise of ethical hackers with asset discovery, continuous assessment and process improvement to find and close gaps in the ever-evolving digital attack surface.