February 24, 2024

Cybersecurity High-Risk Series: Challenges in Protecting Cyber Critical Infrastructure

Overview

We have created 106 suggestions in public reports because 2010 with respect to shielding cyber significant infrastructure. Till these are totally implemented, federal organizations will be far more restricted in their ability to defend personal and sensitive information entrusted to them. For much more details on this report, pay a visit to https://www.gao.gov/cybersecurity.

Bolster the Federal Role in Guarding Cyber Essential Infrastructure

The U.S. grid’s distribution systems—which have electrical energy from transmission programs to individuals and are regulated principally by states—are progressively at threat from cyberattacks. Distribution techniques are increasing extra vulnerable, in component mainly because of industrial control systems’ increasing connectivity. As a outcome, threat actors can use various methods to accessibility people techniques and probably disrupt operations.

Illustrations of Strategies for Attaining First Access to Industrial Management Units

Fig03-75_v4-ITC-106441-corporate net_cgb

We reported in March 2021 that DOE, as the direct federal agency for the electrical power sector, formulated designs to enable battle these threats and implement the countrywide cybersecurity strategy for the grid. Nevertheless, DOE’s designs do not tackle distribution systems’ vulnerabilities relevant to provide chains. By not having designs that tackle the improvement to grid distribution systems’ cybersecurity, DOE’s ideas will probable be of minimal use in prioritizing federal guidance to states and marketplace.

➢ We encouraged that, in developing plans to carry out the nationwide cybersecurity approach for the grid, DOE coordinate with DHS, states, and marketplace to additional fully tackle hazards to the grid’s distribution programs from cyberattacks.

The communications sector is an integral part of the U.S. economy and faces significant bodily, cyber-linked, and human threats that could have an effect on the operations of area, regional, and nationwide amount networks, in accordance to CISA and sector stakeholders. In addition to handling federal coordination throughout incidents impacting the communications sector, CISA shares details with sector stakeholders to enhance their cybersecurity and increase interoperability, situational recognition, and preparedness for responding to and managing incidents.

Examples of Possible Stability Threats to the Communications Sector

Fig02-75_v3-ITC-106441-potentials_cgb

In November 2021, we reported that CISA experienced not assessed the usefulness of its courses and products and services supporting the security and resilience of the communications sector. By finishing this kind of an assessment, CISA would be much better positioned to ascertain which applications and companies are most useful or related in supporting the sector’s stability and resilience. We also claimed that CISA experienced not up-to-date its 2015 Communications Sector-Unique Prepare. Developing and issuing a revised program would assist CISA to tackle emerging threats and pitfalls to the communications sector.

We proposed that CISA evaluate the usefulness of its plans and companies to help the communications sector and, in coordination with public and private communications sector stakeholders, create a revised Communications Sector-Distinct Strategy.

Ransomware is a variety of malicious application that threat actors use in a multistage attack to encrypt documents on a device and render information and devices unusable. These threat actors then demand from customers ransom payments in exchange for restoring entry to the locked knowledge and units.

4 Stages of a Popular Ransomware Attack

U:\Work in Process\Teams\FY23 Reports\ITC\106441\Graphics\Figure04-537_v2-ITC-106441-intrusions_cgb.png

In September 2022, we reported that CISA, FBI, and Solution Assistance provide assistance in avoiding and responding to ransomware assaults on tribal, point out, neighborhood, and territorial govt corporations. However, the companies could strengthen their attempts by totally addressing 6 of seven important methods for interagency collaboration in their ransomware assistance to point out, local, tribal, and territorial governments. For occasion, present interagency collaboration on ransomware aid to tribal, state, neighborhood, and territorial governments was informal and lacked thorough strategies.

We proposed that DHS and the Division of Justice handle discovered difficulties and integrate crucial collaboration procedures in delivering companies to state, area, tribal, and territorial governments.

For far more information and facts about this Snapshot, make contact with: Marisol Cruz Cain, Director, Details Engineering & Cybersecurity, [email protected], (202) 512-5017.