Security News > 2023 > February > We can’t rely on goodwill to protect our critical infrastructure
Protecting CNI is a difficult task, thanks to a combination of a lack of skilled professionals, legacy systems and a lack of security investment that leaves them open to attack.
While one would assume that these systems should run the latest and greatest security measures, due to their sensitive nature, many of these systems operate on legacy machines that can't be reset and can't be patched.
In 2021 the Digital Economic Council reported that over £2bn IT-related spending by the UK government is dedicated to simply "Keeping the lights on," and not updating or replacing outdated legacy systems.
In the past IT managers could have relied on secrecy and obscurity to protect their systems but now any system that is connected in any way to the internet is at risk of attack.
APT groups often compromise a single system and use it as a foothold, remaining hidden while they gather intelligence for a future attack.
As agentless systems do not need to be installed on each individual system, they can provide a more comprehensive view of network activity and are better able to detect and prevent APT attacks that may go unnoticed by traditional security systems.
News URL
https://www.helpnetsecurity.com/2023/02/03/protect-critical-infrastructure/
Related news
- SOCI Act 2024: Thales Report Reveals Critical Infrastructure Breaches in Australia (source)
- Food security: Accelerating national protections around critical infrastructure (source)
- SANS Institute Unveils Critical Infrastructure Strategy Guide for 2024: A Call to Action for Securing ICS/OT Environments (source)
- Russian military hackers linked to critical infrastructure attacks (source)
- 80% of Critical National Infrastructure Companies Experienced an Email Security Breach in Last Year (source)
- Despite Russia warnings, Western critical infrastructure remains unprepared (source)