Securing the Grid: Lessons from China's Cyberattacks on U.S. Providers
Rob T. Lee
Technical Advisor to US Govt | Chief of Research and Head of Faculty, SANS Institute | Cybersecurity Researcher | "Godfather of Digital Forensics" | Learner & Leader
The Wall Street Journal’s recent article on China-linked cyberattacks targeting U.S. internet providers highlights yet another example of how critical infrastructure remains at significant risk from sophisticated cyber adversaries. The revelations about Salt Typhoon, an alleged state-sponsored group, continue to build on the growing body of evidence that cyber threats targeting essential services are not a future concern—they are here and happening now.
These specific attacks also demonstrate a significant shift in the playbook of state-sponsored cyber threats: targeting internet service providers isn’t solely about data theft but also about undermining the very infrastructure that enables digital communication and commerce. These attacks are a wake-up call for governments and businesses alike to reexamine how resilient their ICS/OT defenses are. As the lines between cyber and physical security blur, the risk isn’t just about downtime or lost data, but about potential nationwide disruptions.
Our blog outlines five key takeaways from industry experts on ICS security, which are more relevant than ever:
At SANS, we’ve been working to bring attention to the vulnerabilities in operational technology (OT) and industrial control systems (ICS). Our recent launch of the ICS/OT Strategy Guide: ICS Is the Business and the accompanying The Business Risks of Ignoring ICS Security webcast and blog specifically emphasized these very points: the growing importance of securing critical infrastructure from threats like those outlined. Whether it’s water utilities, energy grids, or public services, the reality is that these systems are under constant attack.
Why ICS and OT Security is a National Priority
SANS has partnered with both private and public sectors, offering extensive training and resources to improve the resilience of vital services. Our work with utilities, from water to power, is critical, especially in light of incidents like those we’ve seen in Ukraine and now here in the U.S.
Looking Ahead: What Organizations Can Do
While the WSJ report is not necessarily breaking news for those in the security community, it adds to the growing narrative that these threats are very real. The Salt Typhoon attack is just one in a long list of incidents that underline how crucial it is to take proactive security measures.
For those looking for immediate, practical advice, I encourage you to explore our Strategy Guide, attend our upcoming SANS 2024 ICS/OT Survey: The State of ICS/OT Cybersecurity webcast, and implement the Secure-by-Design Framework we’ve laid out. It’s not just about being aware of the threats—it’s about taking action now to secure critical infrastructure before it’s too late.
Vulnerability Management Lead @Garrett Motion | ex-EY GDS | ex-Cognizant | Application Security Specialist
1 month
Lessons on US counter-ops against ASEAN .. stop interfering .. Since once nose is lost in Afghan Horses - pls do not insult on another.
Keep spreading the good word!