The Indian Computer Emergency Response Team (CERT-In) has also reported a surge in the number of incidents handled by it, with close to 50,000 security incidents in 2015, noted the study titled ‘Protecting interconnected systems in the cyber era’.
The study highlighted that Operational systems are increasingly subject to cyberattacks, as many are built around legacy technologies with weaker protocols that are inherently more vulnerable.
The continued and regular sharing of cyber security intelligence and insights is essential to improving the resiliency of these systems and processes from emerging cyber risks.
“Cyberattacks around the world are occurring at a greater frequency and intensity. Not only individuals but also businesses and governments are being targeted. The profile and motivation of cyber attackers are fast changing”, highlighted the joint study.
With an increase in the usage of information and operational technology (OT) and consumer technology (CT) in critical infrastructure, overall effectiveness has increased. However, these elements have also become the target of choice for attackers since they recognise the impact of disrupting the routine way of life.
Attackers can gain control of vital systems such as nuclear plants, railways, transportation or hospitals that can subsequently lead to dire consequences such as power failures, water pollution or floods, disruption of transportation systems and loss of life, noted the study.
In the US alone, there has been an increase of nearly 50% in reported cyber incidents against its critical infrastructure from 2012 to 2015, adds the paper.
“Cyberattacks around the world are occurring at a greater frequency and intensity. Not only individuals but also businesses and governments are being targeted. The profile and motivation of cyber attackers are fast changing. A new breed of cybercriminals has now emerged, whose main aim is not just financial gains but also causing distruption and chaos to businesses in particular and the nation at large,” Assocham said.
The National Critical Information Infrastructure Protection Centre (NCIIPC) has been identified as the nodal agency under the National Technical Research Organisation for the protection of critical information infrastructure. The formal roles and responsibilities of NCIIPC include cooperation strategies, issuing guidelines, advisories and coordination with CERTIn.
NCIIPC has defined controls for the critical infrastructure sectors—power and energy; banking, financial services and insurance (BFSI); ICT; transportation; and e-governance and strategic public enterprises.
“The continuous research and development can help in capacity building and coming up with effective solutions, adds the study. A cross-sector knowledge database inclusive of all the past incidents and threats needs to be maintained and analysed to strengthen protection measures.
“Relevant, properly configured technology Investment in the right technology is another key characteristic of resilient OT and CT networks. Using the right detection, prevention, monitoring and reporting tools will help organisations to prevent attacks and facilitate informed decision-making in relation to possible cyber security threats.
“A strong collaboration between well-equipped IT, OT and CT teams is also necessary for a unified approach to risk management and incident response. Monitoring OT and CT must be brought under the ambit of security monitoring, as in the case for IT networks. The periodic monitoring programme should include log monitoring, vulnerability assessments and audits of these interconnected systems. Central monitoring through nodal bodies will help in institutionalising the efforts.”
With regard to security incidents in critical infrastructure, organised efforts are required to reduce the potential cascading impact and response time. Incident response for critical infrastructures requires a partnership between public and private organisations to perform analysis, issue early warnings and coordinate response efforts, it added.
“Accordingly, they should build a forward-looking cyber security programme that is based on the right balance of technologies, processes and people skills—all supplemented with an ample measure of innovation. With these components in place, organisations are likely to be better prepared for the future of cyber security.”
The study revealed that in the past attacks have been mostly initiated from the countries such as US, Turkey, China, Brazil, Pakistan, Algeria, Turkey, Europe, and the UAE, and with the growing adoption of internet and smartphone India has emerged as one of the most favorite countries among cyber criminals.