Dark horse cyber story for 2023: Critical infrastructure attacks

Dec. 4, 2023
While there hasn't been a headline popping story to rival Colonial Pipeline, there has been a steady stream of breaches

Dec. 3—As we look back at the 2023 year in cybersecurity, global attention regarding many cyber topics remains elevated, despite a lack of international, headline-grabbing events. We can be thankful that another Colonial Pipeline ransomware event or Equifax data breach or OPM data breach-level incident has not occurred so far this year.

Nevertheless, there have been numerous cyber attacks against global critical infrastructure in 2023 that are worthy of added attention as a combined theme.

Consider these media stories from 2023:

Reuters: Australia says hacks surging, state-sponsored groups targeting critical infrastructure

"State-sponsored cyber groups and hackers have increased assaults on Australia's critical infrastructure, businesses and homes, a government report said, adding that its new defence agreement with Britain and the U.S. had likely made it more of a target.

"Reports of cybercrime surged 23% to more than 94,000 in the financial year to June, the Australian Cyber Security Centre said in its annual threat report on Wednesday.

"It estimated there was a hack on Australian assets every six minutes."

Wall Street Journal (WSJ): Surge in Hospital Hacks Endangers Patients, Cyber Official Says

"Hundreds of attacks on healthcare organizations this year have breached data on over 61 million people, and forced hospitals to turn patients away."

CSHub.com: UK faces "enduring and significant" cyber threats to critical infrastructure, says NCSC

"The UK's National Cyber Security Centre (NCSC) has warned of the 'enduring and significant' cyber threats faced by the nation's critical infrastructure. In its seventh Annual Review, the NCSC highlighted the need for the UK to accelerate work to keep pace with the evolving threat landscape amid a rise of state-aligned groups, an increase in aggressive cyber activity and ongoing geopolitical challenges."

TimesUnion.com: Cybercrime on 'critical infrastructure' increasing, report says

"Cyberattacks are a growing threat to New York's critical infrastructure, with more than 83 incidents in the first half of this year, a new report from state Comptroller Thomas DiNapoli said. The report said that the state saw more than 25,000 cyberattacks in 2022, up 53 percent from more than 16,400 attacks in 2016."

And hot off the press, a new media story from Axios since Thanksgiving says this: "Disruptive new wave of ransomware hits critical infrastructure."

Here's an excerpt from that piece: "A wave of ransomware attacks targeting critical infrastructure in recent weeks is a stark reminder that the ransomware problem will continue to get worse before it slows down — despite the U.S. government's best efforts.

"Why it matters: In the meantime, hackers will keep disrupting critical services at schools, hospitals, financial service institutions and more.

"Driving the news: Several critical infrastructure organizations are responding to ransomware this week.

  • Some hospitals across the U.S. had to divert ambulances from their emergency rooms and cancel elective procedures throughout the week due to a ransomware attack.
  • The North Texas Municipal Water District is investigating a suspected ransomware attack this week.
  • Ransomware hit Fidelity National Financial, a real estate services company, last week — making it impossible for some customers to pay their mortgages for several days.
  • The Cybersecurity and Infrastructure Security Agency warned right before Thanksgiving that ransomware hackers are still exploiting a vulnerability in a popular Citrix product — months after a patch became available."

 Yes, This is a Recurring Theme

No doubt, we have discussed this critical infrastructure topic many times before. In October of this year, I wrote about AI and critical infrastructure trends: "The Department of Homeland Security is looking to become one of the 'early and aggressive adopters' of AI tools within the federal government, and is taking steps to protect critical infrastructure from AI-powered cyber attacks."

This is also part of the growing nature of nation-state cyber attacks. Cyberwar and regional tensions with China, Ukraine and Israel have all contributed to this challenge, as highlighted by CSO Magazine: "With active kinetic wars in two major global arenas and fears that China is stealthily infiltrating critical infrastructure for future cyber disruption, experts at this year's Cyberwarcon painted a picture of the growing harm that malicious cyber tools can wreak."

But Microsoft's main blog has also focused on this critical infrastructure cyber attacks topic recently, with a twist including espionage:

"In the past year, cyberattacks have touched 120 countries, fueled by government-sponsored spying and with influence operations (IO) also rising. At times, nearly half of these attacks targeted NATO member states, and more than 40% were leveled against government or private-sector organizations involved in building and maintaining critical infrastructure. While headline-grabbing attacks from the past year were often focused on destruction or financial gain with ransomware, data shows the predominant motivation has swung back to a desire to steal information, covertly monitor communication, or to manipulate what people read."

One more: Infosecurity Magazine offers this recent piece describing critical infrastructure cyber attacks in detail, including sources and specific modes of attack against governments and private-sector companies.

You can watch this video to learn more about what is being done to address these cyber challenges against critical infrastructure by the Department of Defense and hear an unclassified overview of their new cyber defense strategy.

Final Thoughts

Next week, this blog will focus on my annual cyber story of the year for 2023, before we get to the top 2024 security predictions from industry companies in two weeks.

To be clear, this above-mentioned list of cyber attacks against critical infrastructure is not the top cyber story of the year. Some could even argue it is not in the top three to five stories of the year for various reasons, but more on that next week. (As an aside, if you want to guess what will be the top cyber story, just go back and read over my blogs since January. You will see a technology and security trend that is undeniable. Indeed, I suspect that most of my regular blog readers already know what the top cyber theme will be for this past year.)

Nevertheless, just as I wrote about in mid-2022 in this blog, there has been a relentless increase in cyber attacks against critical infrastructure this past year that can be compared to "death by a thousand cuts" for businesses and governments globally.

From a positive perspective, the lack of a 9/11 or Cyber Pearl Harbor event is a good thing. We should be glad that this is a "dark horse" cyber topic for a year-end review and not the cyber story of the year.

But no one is celebrating, with fear of more attacks to come.


(c)2023 Government Technology

Visit Government Technology at www.govtech.com

Distributed by Tribune Content Agency, LLC.