In a plot that feels ripped straight from the scripts of a Hollywood spy thriller, the cyber realm becomes the battleground for high-stakes espionage as hackers set their sights on critical infrastructure. Armed with sophisticated malware, social engineering tactics, and a chilling precision, these digital saboteurs weave their way into the control systems of power grids, water supplies, and transportation networks. This isn’t a movie plot; it’s a sobering reality highlighting the growing risks in our interconnected world.
In early January 2024, FBI Director Christopher Wray testified to Congress that Chinese hackers are “positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike.”
Recognizing the increase in cyber warfare on critical infrastructure, Congress passed and the President signed the Cyber Incident Reporting for Critical Infrastructure Act (“CIRCIA”) in March 2022. As with many congressional acts, regulatory agencies are tasked with developing rules to regulate and enforce the law. CIRCIA requires the Cybersecurity and Infrastructure Security Agency (“CISA”) to conduct mandatory rulemaking activities before the reporting requirements go into effect. Accordingly, CISA published a Notice of Proposed Rulemaking (“NPRM”) in the Federal Register on April 4, 2024, and collected public comment until July 3, 2024. CISA must issue a final rule within 18 months of issuing the NPRM.
Since the public comment period closed in July, several critical sector companies have suffered cyberattacks. American Water (the largest water provider in the USA) revealed in early October 2024 that it had suffered a cyberattack in which hackers obtained unauthorized access to its computer networks and systems, resulting in the shutdown of the customer portal and billing modules. In a separate attack in October, Salt Typhoon, an advanced persistent threat actor linked to the Chinese government, broke into the networks of US internet providers like AT&T, Verizon and Lumen, which owns CenturyLink and Quantum Fiber.
As of the date of this article’s publication, Salt Typhoon has yet to be ejected from the compromised networks. This week, on December 3, 2024, the FBI and CISA published a joint guide that provides recommended best practices for the major global telecommunication providers to harden their networks.
Read more about the joint guide, and how your firm can use these best practices to keep your data, networks, and customers safe, in the latest insight from DayBlink Consulting’s Cyber Security group: Jacob Rosner on Medium