A ransomware gang infiltrated critical infrastructure assets in Costa Rica
Think your critical infrastructure assets are protected? Think again. Compliance drivers haven’t been sufficient incentive for asset owners and operators. But maybe the attack on Costa Rican government systems will wake them up. What’s going on here?
Earlier this year, a ransomware gang infiltrated Costa Rican government systems. This wasn’t an everyday attack.
Capitalizing on a new presidency, the gang quickly proceeded to increase the pressure, upping its demand to USD 20 million and calling for a government overthrow.
The newly inaugurated President also acknowledged a broader attack than what was previously publicized. In total, 27 government institutions, including municipalities and state-run utilities, had been targeted.
Critical infrastructure assets across Europe targeted as well
Nor is Costa Rica alone. Russia was said to be behind a cyberattack that disrupted satellite connections across Europe just before the invasion of Ukraine, according to official statements from the U.K., U.S., and EU.
Attacks on critical infrastructure assets aren’t new. Their intensity and frequency are increasing markedly, however, no doubt catalyzed by geopolitical events.
How then can asset owners protect themselves? A few best-practice measures should be of help. In particular, critical infrastructure asset owners should keep a register of information relating to their assets.
That register should be kept as part of an overall risk management program specifically implemented for the asset in question and involving all major stakeholders. That program would help in the following respects:
- Identifying and understanding risks to the asset
- Mitigating risks to prevent incidents
- Minimizing the impact of realized incidents
- Implementing an ongoing, effective governance and oversight process
Digital software capabilities to help protect critical infrastructure assets
Of course, these programs aren’t self-executing. And many asset owners flounder when it comes to implementing their programs quickly and efficiently. What would help? It’s recommended to invest in dedicated critical infrastructure protection software.
What capabilities make the difference? Consider the following three key critical infrastructure protection software capabilities:
- Supports key use cases. The appropriate critical infrastructure protection software should contain features and functionality for distinct user groups, comprising (1) regulators, who oversee the functioning of critical infrastructure, (2) operators, the custodians and managers of the critical infrastructure asset, and (3) viewers, those who would only have viewing access to details regarding the critical asset.
- Maintains key details of assets and stakeholder contacts. Operators need certain functionality to help them maintain details about the assets under their management. These features would help asset owners and operators to comply with statutory requirements to identify and understand risks to their assets, mitigate those risks to prevent incidents, and implement effective governance and oversight processes to ensure continuous improvement.
- Conducts security threat assessments, various inspections, and crowded place and impact assessments. Critical infrastructure protection software should also come equipped with functionality to inspect, track, and rate the vulnerability and preparedness of critical infrastructure assets to certain threats, as a means of assessing and mitigating potential threats.
Those capabilities, however, don’t even scratch the surface of what’s needed. But they serve as a good start if you’re trying to secure your assets against attack. What other capabilities matter? Download our buyer’s guide to critical infrastructure protection software for the full rundown.