Cybersecurity

Critical infrastructure cyberattacks ‘a geopolitical weapon’ says new report

A new report from the cybersecurity firm KnowBe4 shows that attacks on energy infrastructure are particularly rampant.

August 26, 2024

(Getty Images)

A report published Monday by the cybersecurity firm KnowBe4 calls cyberattacks on power grids, communication systems, transportation networks, ports and other infrastructure “the new geopolitical weapon,” because such cyberattacks are often linked to foreign nations.

The new report shows how cyberattacks on critical infrastructure are a rising threat to state and local governments, not only because of the data hackers might extract, but because of the potential damage they could inflict on any of the systems and physical assets societies rely on to function properly.

“As the infrastructure sectors in developed nations have become increasingly interconnected to digital technologies, advancements have increased their capacities and efficiency; but they have also opened new vulnerabilities to cyberattacks,” the report states.

Cybersecurity threats are particularly dangerous to the energy sector, the report notes, which includes power generation, water treatment and electricity production. According to the report, the U.S. Department of Energy received 185 reports of security incidents in 2023, a new high.

“A lack of cybersecurity awareness, in communities or organizations, leaves a wide attack surface open for intrusion,” the report states.

A water utility station operated in Aliquippa, Pennsylvania, last year suffered a cyberattack in which an Iranian-backed hacking group disabled the monitor used to regulate water pressure. The day after the attack, investigators discovered the water authority had been using the software’s default ‘1111’ password.

The report emphasizes the importance of cybersecurity awareness training for state and local organizations. It notes that weak security could “leave the door open for adversaries to enter their nation’s infrastructure” for the purpose of espionage.

According to the report, between January 2023 and January 2024, global critical infrastructure suffered more than 420 million cyberattacks, or roughly 13 attacks per second. Although the United States was the primary target, the report notes that 163 other countries have also been victims of attacks on critical infrastructure, often by state-sponsored hackers linked to China, Russia and Iran.

Critical infrastructure cyberattacks ‘a geopolitical weapon’ says new report

More Like This

CISA publishes cybersecurity checklist ahead of November election

Ransomware attacks declining, but evolving in government, survey shows

NASCIO names finalists for 2024 State IT Recognition Awards

Top Stories

New Jersey selects Tyler Technologies for three-year IT services contract

Privacy advocates are concerned by NYC’s online teen counseling service

More Scoops

CISA publishes resilience-planning playbook for critical infrastructure

New cybersecurity bill would shore up water system protections

Education Dept. launches council to stop K-12 cyberattacks

Cyber hygiene needs to evolve, state cybersecurity officials say

‘We know they’re on the network,’ CISA official says of nation-state actors infiltrating U.S. critical infrastructure

Foreign states, ransomware threaten U.S. ports, says maritime security analyst

Where’s the federal legislation for state water utility cybersecurity?

Latest Podcasts

How Maryland is expanding digital services efforts

Why New Jersey’s innovation office is expanding

Why was Missouri’s auditor given new powers?

Georgia’s new voter website has legal watchdogs concerned

State

City

Modernization

Cybersecurity