Cyberattacks on critical infrastructure in 2023

Cyberattacks on critical infrastructure have been rising in numbers. But what does an attack really mean for the society?
  • Technology

Cybercrime is a global reality in today’s world and one which shows no sign of going away anytime soon. It is pretty telling that the World Economic Forum listed “Widespread cybercrime and cyber insecurity” for the first time in its  Global Risks report 2023. Once a nuisance to users on the internet, cybercrime has evolved into both a massive multibillion-dollar industry AND a weapon to aid real-world conflict.

Attacks like Distributed Denial of Service Attacks (DDOS) and ransomware were just used to make money but now can be used to target governments and critical infrastructure as part of an overall military strategy. The recent report, “2022 Official Cybercrime Report by Cybersecurity Ventures,” put ransomware as the most immediate cyber threat to both governments and companies globally.

Critical Infrastructure - A blind spot

Cybercrimes have always had the potential to disrupt a person’s livelihood due to the financial impact, but attacks on critical infrastructure have the potential to disrupt entire societies. People take services like electricity, transportation, communication, water, and fuel supply as granted for the normal functioning of society, and an attack designed to impact these services can cause widespread panic.

It can also aid in eroding the confidence in the current government and help the spread of propaganda

There is also, of course, a direct impact on life if services like the power grid or medical services are impacted. Cybercriminals are well aware of this, which is why cyberattacks have taken on a much more sinister form these last couple of years, being executed in parallel with real-world attacks.

Consider the below:

  • Compromising the systems that control the water supply of a country can result in water supply contamination and a subsequent health emergency

  • Disrupting the power grid can result in widespread blackouts which would have a cascading effect on other critical functions like communications, healthcare, and transport services.

  • Similarly attacking the financial system can have widespread economic impacts leading to widespread panic and loss of confidence in the financial system.

These attacks are designed not for financial benefit but for spreading fear and chaos and disrupting the very fabric of society.

Key attacks on critical infrastructure

Europe is no stranger to such attacks both in the past and current as evidenced by the recent Russia-Ukraine conflict.

A few notable events are listed below:

  • Ukraine’s power grid was targeted in 2015 and 2016, resulting in massive power outages by a Russian state-sponsored group called Sandworm.

  • A ransomware attack in 2019 on the Norwegian company Norsk Hydro resulted in massive business disruption and millions of dollars in financial damage.

  • The European External Action Service (EEAS), which is the EU’s diplomatic service, was targeted In 2020 by the Russian group APT29 group

  • A similar group, APT28, also targeted several other EU countries and organizations with a massive spear phishing campaign to compromise their environments.

  • Microsoft’s threat intelligence center recently identified a new ransomware campaign in October 2022 in which transportation and other logistics companies were targetted

These real-world examples highlight the dangers of attacks on critical infrastructure in Europe and why robust cybersecurity measures are needed to secure against them.

The way forward

State-sponsored cyberattacks are a reality that nations across Europe and the wider world need to understand and protect against. These attacks are devastating in their ability to disrupt life and cause damage on a massive scale. Governments and companies should take the below steps at a minimum:

  • Implement a dedicated cybersecurity program to protect against these threats and assess their risk to the same

  • Play out these scenarios against their current controls in various Incident response simulations to see where possible gaps might exist which can be exploited

  • Co-operate and share information with each other so that all stakeholders are aware of the latest threats and vulnerabilities. A key aspect of Critical infrastructure attacks is their ability to have a domino effect on other industries hence it is so important.

Attacks on critical infrastructure are designed to have both a physical and psychological impact on the working of a country. European governments and countries need to have a robust set of cybersecurity controls in place to ensure their critical infrastructures are protecting against this rising threat.