We can't find the internet
Attempting to reconnect
Something went wrong!
Hang in there while we get back on track
Pre-Stuxnet, Post-Stuxnet: Everything Has Changed, Nothing Has Changed
Security experts discuss ongoing infrastructure vulnerabilities, threat landscapes, and measures to mitigate risk.
- Security vulnerabilities in software and basic architectural problems are still prevalent, post-Stuxnet.
- States with critical infrastructure should focus on multi-factor authentication and periodic audits.
- Attackers have successfully breached critical infrastructure, highlighting the need for improved security.
- Despite advancements in security, threats still pose a significant risk to critical infrastructure.
- Pre-Stuxnet, innovations and computer attacks were largely driven by the criminal underground, whereas now nation-state hackers have joined the ranks.
- Stuxnet provided stark evidence that physical attacks can be devastating, making it crucial to prioritize security.
- History has shown that ignoring vulnerabilities can lead to disaster, as seen in the Colonial Pipeline hack.
- Many election systems are still vulnerable to tampering and hacking, despite warnings.
- Ransomware attacks on critical infrastructure have been on the rise, with 400 attacks in 2020 alone.
- Physical attacks, such as those that physically destroy equipment, are becoming more ominous.
- Attackers have targeted various critical systems, including those in Ukraine and the United States.
- Some think that hacktivists will play a significant role in future cyber wars, while others believe nation-states will remain the primary actors.
- Despite the risks, some believe that control systems for critical infrastructure are secure due to the lack of interest in disrupting or destroying them.
- Ransomware attackers have targeted critical infrastructure since 2015, highlighting the need for best practices.
- A peak in global ransomware attacks has been observed, making it crucial to prioritize security response plans.
- Some think that attackers have had more time to perfect their skills due to the lack of attention from law enforcement and government agencies.
- The security community should focus on coordinating efforts to combat cyber threats.
- Cyber attacks on critical infrastructure can pose significant dangers to public health and safety.
- Outdated systems and a lack of security awareness have contributed to the success of attackers.
- Cooperation between government agencies, law enforcement, and private companies is essential to combat cyber threats.
- Best practices for securing critical infrastructure should involve periodic audits, secure backups, and strong perimeter controls.