In testimony before the House Select Committee on the Chinese Communist Party yesterday, FBI Director Christopher Wray delivered an ominous message:
“China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike.”
That statement strongly implies that the assets (including IT, IT, OT, and cyber physical systems) on which American power grid, water treatment, healthcare, pipeline, transportation and logistics, telecommunications, and other critical infrastructure operations depend have already been compromised by state sponsored or sanctioned threat actors.
The risk, Wray emphasized, was not hypothetical, but real; not a matter of if, but when. And when the attack comes, he said it would be at a moment of China’s choosing.
A likely Chinese cyberattack will “wreak havoc and cause real-world harm to American citizens and communities.”
Wray also expressed frustration that these threats to U.S. critical infrastructure have not gotten the attention they require, and he made it clear to the Committee that they and the nation need to do more. “China’s multi-pronged assault on our national and economic security make it the defining threat of our generation,” he warned.
Offering some reassurance, Wray said that the U.S. was not incapable of defending against the Chinese cyberthreat, but that the public and private organizations responsible for managing our economic and critical infrastructure “cannot afford to sleep on this danger.”
In other words, his testimony was a wake-up call.
Ordr’s customers can take immediate action to check for, respond to, and mitigate security gaps and indicators of compromise that might otherwise be exploited by threat actors. You have a powerful tool available and can use our See, Know, Secure framework to guide your cybersecurity strategy and execution.
Keep in mind that, while the FBI director named several examples of critical infrastructure under threat, the list was not exhaustive. Healthcare, financial services, manufacturing, and other industries can all be defined as critical infrastructure. And any organization that is part of the digital supply chain to those targets also poses a threat.
It is important to know that we are not sitting still. Our policy is one of continuous improvement, and we are monitoring this and other threats to ensure our customers are prepared, developing and updating features that help our customers simplify risk prioritization, and rapidly respond to and contain threats. Our threat intelligence integrations, in concert with the Ordr Data Lake, ensure the most precise, real-time analysis possible are at work on your behalf.
For example, the rogue devices, malicious communications, and malware our customers have detected and remediated mean their environments are already better protected against potential cyberattacks. One customer–a critical infrastructure operator–was able to reduce dwell time from the industry average of 16 days to just a few minutes.
We also continue to monitor our systems and processes, ensuring they comply with SOC2 standards. As outlined in a previous blog, Ordr’s achievement of SOC 2 compliance in Organizational Governance and Structure underscores our enduring commitment to security.
The FBI’s warning should not come as a surprise to cybersecurity professionals who have been paying attention. Threat actors have been actively targeting economic and infrastructure targets for years. And whether or not the scenario Director Wray described in his testimony comes to pass, we can expect attacks from other hostile players to persist. Cybercriminals have shown a propensity for carrying out their business with callous unconcern for the consequences of their actions.
As such, we should use this moment to remind those around us that security is everybody’s job. Be wary of every email, every online interaction, every unexpected behavior in your network. Our commitment to you is that we will continue to work diligently to ensure the Ordr platform is always vigilant, ready, and able to keep your enterprise as secure as it can be. Do not hesitate to reach out to us if you have any questions about this or other cyberthreats to your organization.
*** This is a Security Bloggers Network syndicated blog from Ordr Blog - Ordr authored by Srinivas Loke. Read the original post at: https://ordr.net/blog/fbi-issues-ominous-warning-of-imminent-cyber-attack-on-critical-infrastructure/