
Cybersecurity Threats to Critical Infrastructure and Industrial Control Systems

  • Writer: Yisda Technical Team
  • Nov 18

Updated: Nov 21

This week’s newsletter covers a warning from the Canadian government that adversaries have successfully breached, and are continuing to target, exposed industrial control systems across the country. It also covers the rising risks to critical infrastructure in the United Kingdom stemming from repeated cyberattacks on water systems.



[Image: Industrial control panel showing active warning signals]

Canadian Government Warns of Rising Attacks on Industrial Control Systems


The Canadian Centre for Cyber Security issued an alert after receiving multiple reports of cyber incidents involving internet-accessible industrial control systems. These include an incident where hackers tampered with a water pressure valve at a water facility, another where hackers triggered false alarms by tampering with the automated tank gauge at a Canadian oil and gas company, and a third where hackers manipulated the temperature and humidity parameters at a grain silo on a Canadian farm. The government attributed these attacks to hacktivist groups, though it is not uncommon for state-sponsored groups to act under the appearance of hacktivism.


The alert advised organizations to identify and review all internet-accessible industrial control systems and to limit or eliminate direct internet exposure wherever possible. If remote access is required, it recommends using secure remote access methods such as VPNs with multi-factor authentication. The same results can also be achieved effectively using secure zero trust network access solutions. The Cyber Centre further advised enhanced monitoring using intrusion prevention systems, continuous vulnerability management, and regular penetration testing. It also encouraged coordination between government, municipalities and service providers. Finally, it suggested tabletop exercises to strengthen response readiness for future events.


Access the full article here.

Access the official report here.


Cyberattacks on United Kingdom Water Systems Highlight Growing Risks


The United Kingdom’s Drinking Water Inspectorate (DWI) reported five cyber incidents affecting water suppliers since January 2024, following a freedom of information request from Recorded Future News. While none of the incidents disrupted operations, they highlight a growing threat to critical infrastructure. Similar attacks in recent years, including a 2022 ransomware breach at South Staffordshire Water and a 2023 cyberattack that disrupted service in County Mayo, Ireland, reflect a global increase in cyber threats targeting utilities.


The incidents have renewed scrutiny of the United Kingdom’s cybersecurity regulations, which currently require disclosure of a cyber incident only when essential services are disrupted. The proposed Cyber Security and Resilience Bill aims to expand mandatory reporting and strengthen accountability for critical infrastructure operators.


Access the full article here.

Access the resilience bill here.



[Image: Water treatment plant with multiple tanks and control buildings]

Yisda Takeaways


Recent incidents in Canada and the United Kingdom highlight an escalating threat to operational technology, industrial control systems and critical infrastructure across the globe. Hacktivist groups and nation-state actors alike are increasingly targeting critical infrastructure to cause disruption, gain visibility and establish strategic footholds.


These attacks highlight the importance of minimizing internet exposure for industrial control systems and implementing secure remote access methods, such as zero trust network access. While governments are working to respond, the responsibility for defense extends to every operator and organization responsible for maintaining and securing the critical infrastructure that delivers essential public services.

