Published on November 9, 2023, 6:54 am
Devastating cyberattacks are no longer just the stuff of Hollywood movies. Recent examples, such as the ransomware attack on Thailand’s Saraburi Hospital and the targeting of American meatpacking company JBS, have underscored the potency of cyber threats and their potential to disrupt critical infrastructure.
Governments across the Asia-Pacific region are taking steps to strengthen the cybersecurity defenses of their critical infrastructure. For instance, Australia has expanded the coverage of critical infrastructure from four sectors to 11, including communications, financial services, healthcare, and transport. This expansion comes with new security obligations for owners and operators of critical infrastructure, who must now identify and mitigate any risks that could affect their assets.
In Singapore, the concept of critical information infrastructure (CII) already covers 11 sectors such as aviation, banking and finance, and energy. The government is planning to redefine CII in 2023 to possibly include virtual assets hosted on the cloud. A risk-based approach will be adopted to protect infrastructure and services.
Singapore’s Cyber Security Agency (CSA) has also launched a CII Supply Chain Programme to help critical infrastructure operators mitigate supply chain attacks. This program provides tools and resources to improve visibility into the cyber supply chain and enhance incident response capabilities.
Meanwhile, in Japan, there are currently 14 critical infrastructure sectors. The government is reviewing its cybersecurity plan this year and may introduce legislation to address supply-chain risks.
As organizations work towards bolstering security for their critical infrastructure, they face challenges posed by digital transformation. With more digital features and connections being added to operations, the attack surface continues to expand. Additionally, there is a convergence of IT and operational technology (OT) infrastructure, further increasing vulnerabilities.
The fallout from a cyberattack extends beyond immediate damage. Exposed data can make victims more susceptible to future attacks as attackers gain insights into their culture and operations. To counter these threats effectively, a defense-in-depth strategy is crucial.
Governments and operators of critical infrastructure can take several steps to enhance security. These include regularly scanning data stores for vulnerabilities, investing in application and data security to combat malware and ransomware, implementing robust DDoS protection, addressing supply chain and zero-day attacks, and involving development teams in the creation and execution of security strategies.
A multi-pronged approach is necessary to counter increasingly sophisticated threat actors and safeguard the lives and livelihoods of citizens relying on critical infrastructure. By adopting these measures, governments can help protect their nations from devastating cyberattacks.
Source: Adapted from “No time to lose for critical infrastructure security” by FutureCIO.