Recent reports that ransomware attacks on industrial organizations increased by over 50 percent in 2023 represent only “the tip of the iceberg.” According to operational technology (OT) cybersecurity company IXDen, critical infrastructure across the US is being attacked at unprecedented levels.
“The vast majority of cyber breaches of critical infrastructure such as water and power facilities go unreported, although a precise figure is impossible to gauge. Those that are reported in the media are only the tip of the iceberg. OT attacks on private businesses are not reported at all, and in public organizations, they are rarely reported,” says IXDen CEO and Co-Founder Zion Harel.
Geopolitical tensions fuelling escalating attacks
As Cyber Intelligence predicted almost four months ago, heightened geopolitical pressures are fuelling the escalating cyber-attacks on US critical infrastructure such as power and water treatment facilities.
According to Dr. Leonid Cooperman, IXDen CEO and Co-Founder: “Critical infrastructure in the US has now become a prime target for Iranian, Russian, and Chinese hackers. Their aim can either be to disable crucial services as part of a greater attack or simply to carry out industrial espionage and steal valuable intellectual property.”
The OT systems that manage critical infrastructure were originally intended to be stand-alone systems. However, the need to integrate them with the digital age’s online IT systems has exposed many weaknesses for hackers to exploit.
Power and water treatment facilities are prime targets
“Critical infrastructure such as power plants and water treatment facilities are also prime targets for terrorists and potentially hostile nation-states. Often, they will infiltrate the computer networks of such facilities and silently hide for months or even years, waiting for the optimum time to alter the chemicals in the water supply to poison people or, for example, to plunge them into darkness by taking out part of the US energy grid,” says Dr. Cooperman.
In February, the US authorities issued a warning concerning Chinese hackers targeting critical infrastructure. The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) said: “People’s Republic of China (PRC) state-sponsored cyber actors are seeking to position themselves on IT networks or [carry out] disruptive or destructive cyber-attacks against US critical infrastructure.”