How Cybersecurity Can Save Critical Infrastructure

Critical infrastructure (CI) has become a prime target for malicious actors seeking to manipulate, disrupt, or undermine the operation of industrial control systems (ICS).
August 20, 2024

Critical infrastructure (CI) has become a prime target for malicious actors seeking to manipulate, disrupt, or undermine the operation of industrial control systems (ICS). Motivated by various factors – from monetary to geopolitical – malevolent actors seek to disrupt critical operations. With the convergence of physical and digital domains increasing, the disruption of these services can have catastrophic consequences, affecting millions and causing significant economic damage.

CI comprises physical and digital systems vital to a nation's security, economy, and safety. Despite their varying functions, these industries share a common vulnerability: a growing dependence on the internet makes them increasingly susceptible to cyberattacks. Thales surveyed 367 CI businesses from 18 countries around the world to understand the trends, threats and the progress made in the cybersecurity domain.

Postquantum Cryptography: The Time to Prepare Is Now!

What Are the Key Report Findings?

The Critical Infrastructure edition of the 2024 Thales Data Threat Report highlights the threats that businesses in the Energy, Utilities, Telecom, Transportation, and Logistics sectors face. 15% of the CI organizations have experienced a breach in the last 12 months, with ransomware being the biggest threat. 24% of the businesses have felt the consequences of a ransomware attack. However, it is worrying that only 15% of the surveyed organizations have a formal plan in place to respond to such attacks.

Cybersecurity agencies have repeatedly issued advisories to warn CI businesses and executives. According to the International Energy Agency, these attacks at least doubled across most sectors between 2020 and 2022. At the same time, the European Union Agency for Cybersecurity (ENISA) Threat Landscape 2023 report identified ransomware and supply chain attacks as top threats.

The Thales report findings discovered that among CI organizations, human error was the leading cause of cloud-based data breaches, accounting for 34% of the cases. This was followed by the exploitation of a known yet unpatched vulnerability at 31%.

Finally, it is important to recognize that the coexistence of legacy technology with modern IoT devices creates a complex ecosystem to protect. Operational complexity remains a security concern for more than half of the survey respondents, although there are signs of stabilization.

The global nature of cyberattacks on critical infrastructure—from attacks on Costa Rica’s social security system and Australia’s financial sector to assaults on South African ports and Norwegian energy companies—highlights the need to strengthen cybersecurity.

Legacy Technology Meets Cutting Edge

Critical infrastructure sectors, historically reliant on legacy operational technology, are rapidly embracing digital transformation. Industries like energy, water, and transportation are integrating AI, IoT, and cloud computing to enhance efficiency and resilience. In fact, our report findings show that 26% of CI respondent organizations plan to integrate AI into their core products and services in the next 12 months, while 29% of CI organizations are experimenting with AI.

This shift, while promising improved operations, also introduces new cybersecurity challenges, necessitating a delicate balance between innovation and protecting these vital systems from evolving threats. Consequently, the Thales report on CI reveals that a staggering nine out of 10 (93%) respondents experienced increased attacks.

Harvest Now, Decrypt Later

Another emerging threat facing CI organizations today is quantum computing, particularly the future compromise of classical encryption techniques, which would enable "harvest now, decrypt later" (HNDL) attacks. These attacks involve the assailants harvesting encrypted data now with the intention of decrypting it in the future when quantum computing becomes available. 69% of the Thales survey respondents agreed that these attacks as well as post-quantum cryptography is an emerging security concern.

Unfortunately, Gartner’s recent report entitled: “Postquantum Cryptography: The Time to Prepare Is Now!” highlighted how most IT entities do not know which type of cryptography they are using, which applications are using it, how it is used, or even who makes decisions about cryptography.

On a more positive note, the Thales report revealed that among CI respondents who identified post-quantum cryptography as an emerging security threat, 49% indicated they would likely create resilience contingency plans, and 48% said they would prototype or evaluate PQC algorithms in the next 18-24 months.

Governmental Concerns and Regulations

In response to this growing threat, governments worldwide recognize the importance of securing infrastructure against cyber threats. The EU has introduced regulations like the Digital Operational Resilience Act (DORA) and the Network and Information Systems Directive (NIS2) to enhance the cybersecurity resilience of critical infrastructure across the EU by imposing stricter security requirements and incident reporting obligations.

Similar initiatives have also been launched in the United States to bolster critical infrastructure security. Executive Order 13636 and Presidential Policy Directive 21 (PPD-21) highlight the federal government's commitment to enhancing the cybersecurity and resilience of the nation's critical infrastructure. Finally, the NSA released a memorandum emphasizing the need for critical infrastructure entities to adopt robust cybersecurity measures and prepare for potential quantum threats. This memorandum outlines steps for enhancing cyber resilience, including adopting post-quantum cryptography and implementing advanced threat detection and response capabilities.

There is a strong correlation between compliance and resilient posture leading to reduced breaches, which is a trend identified across all Thales Data Threat Report findings. In the 2024 survey, of the CI respondents whose organizations failed a compliance audit in the last 12 months, 84% reported having experienced some breach in their history. In contrast, for those CI organizations that have not failed a compliance audit only 17% have any breach history, with just 2% having a breach in the last 12 months.

An Increasingly Complex Landscape

The cybersecurity landscape for critical infrastructure is becoming increasingly complex, driven by the rise of sophisticated cyber-attacks and emerging technologies. However, it is also operational complexity that is a source of concern. Tools and apps sprawl create cracks in the cybersecurity posture. The Thales report indicates that 57% of the CI respondents use five or more key management systems, while on average they have 90 SaaS apps in use.

Governmental regulations and initiatives reflect the growing recognition of the importance of securing critical infrastructure. By implementing comprehensive cybersecurity strategies, fueling collaboration, and preparing for future quantum threats, critical infrastructure can be enhanced and protected from evolving cyber threats.

Download the 2024 Thales Data Threat Report – The Critical Infrastructure Edition to comprehend the evolving threat landscape and what you can to protect your business and your country’s economy and safety.

Sign Up for Our Newsletters
Get notified of the helpful news on our themes.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
The Latest
The Importance of IAM in Critical Infrastructure
The Evolution of Identity and Access Management (IAM)

You May Also Like

The Importance of IAM in Critical Infrastructure
September 12, 2024
Over the past year, the world's critical infrastructure (CI) - including energy, healthcare, finance, communications, manufacturing, and transport - has suffered a constant barrage of attacks.
The Evolution of Identity and Access Management (IAM)
September 5, 2024
The evolution of Identity and Access Management (IAM) has been a fascinating journey, shaped by technological advancements, security challenges, and evolving business needs.
Sensitive data in the cloud: How can companies leverage the benefits without risking security?
September 3, 2024
In an era of increasingly sophisticated data breaches and cyber threats, companies are rightfully concerned about moving sensitive data to the cloud.

/ Try It now

Wherever your data resides we can help you own your data

Get a Demo