FEATURE: CRITICAL INFRASTRUCTURE
helped attackers generate malware and ransomware faster. On the other hand, the legacy infrastructure used by many utility units is often old, making them fertile ground for exploitation. tensions. These attacks have increasingly targeted critical infrastructure, demonstrating the urgent need for government agencies to adopt proactive threat intelligence and surveillance strategies.
Recently, Akamai’ s Security Intelligence and Incident Response( SIRT) team assisted in a law enforcement operation to dismantle a major pro-Russian hacktivist group called Anonymous Sudan. It is known for using massive DDoS attacks, targeting both anti-Russian as well as anti-Muslim groups and entities. Lately, they’ ve launched attacks almost weekly, targeting airlines, governments, banks, large companies, airports, and telecommunications companies.
This year we see a change in attack vectors, which will focus more on application programming interfaces. As organizations deploy more APIs, they will be more exposed to threats and the risk of misuse will increase. Properly identifying, managing, and securing APIs will be even more important components of a robust cybersecurity strategy, as will micro-segmentation.
Cybersecurity strategies to prevent nation-state attacks
Nation-state-funded cyber operations have seen a significant increase due to rising geopolitical
Akamai suggests seven security measures that government institutions should consider to prevent potential attacks on their critical infrastructure:
1. Proactively assemble a crisis response team and ensure that manuals and instructions and incident response plans are up to date. An instruction manual that references outdated technology assets or people who have long since left the company will be of no use.
2. Implement DDoS security controls under an“ always-on” mitigation posture as the first layer of defense to avoid an emergency integration scenario and reduce the burden on incident response teams.
3. Review major subnets and IP spaces, and ensure mitigation controls are in place.
4. Explore custom WAF rules to match certain geographic attributes and help reduce malicious traffic coming from unwanted territories.
5. Perform accurate analysis and assessments of critical infrastructure. There are solutions that allow you to improve the visibility of all platforms independently, instead of having to use multiple systems.
6. Having modern software-defined segmentation is the simplest way to reduce the blast radius of an attack. Software-defined segmentation allows you to isolate critical applications without making changes to the IP address or VLAN; It can even act as a virtual patch for legacy operating systems that have reached the end of their useful life and cannot otherwise be effectively protected, but are still needed.
7. Implement a robust API security strategy. APIs often perform critical functions and are an attractive target for criminals looking to disrupt operations. In addition, if they are not well secured, they can expose endpoints that could be exploited to access data and services in an application or wider computing environment. For all these reasons, it is advisable to generate a complete inventory of APIs, including how many APIs are owned and identify the types of sensitive data that can be accessed through them, as well as track user access to those same applications.
Threats to critical infrastructure demand immediate action and robust cybersecurity strategies. Collaboration between governments, companies and experts is key to anticipating risks, protecting sensitive assets and ensuring the continuity of essential services. p
38 INTELLIGENTCIO LATAM www. intelligentcio. com