What happens when the down arrow suddenly points up?
How would you know what a cyber attack on critical infrastructure might look like?
With war in Ukraine, Russia has been amping up its threats and actual attacks, and other hostile nation states are jumping in at the same time. What does an organization do? How do you tell a critical infrastructure attack from a technical failure? How does the civilian population?
Well, sometimes it might be a blinking light, or an arrow pointing in the wrong direction that is the only hint. Literally something as stupid as that.
How do we know? Do the authorities necessarily tell us if there is a cyber attack on critical infrastructure? What is the difference, to you or someone else, between a utility or a transport service having an outage blamed on “technical failure” and an attack on critical infrastructure? President Biden only recently signed into law breach notification responsibilities for critical infrastructure, so most likely up until now, the average person would never have known – unless it was actually reported in the media.
Unfortunately, we may not always know. The reporting and breach notification rules and attention to them vary greatly by industry, state and even whether workers are fulfilling their obligations or not.
If one thinks about the term “Cyber War” and the sheer variety of attack vectors and attack surface areas, one gets approximately the following at a very minimum (note that this does not include every single attack vector):
Fake social media.
SMS phishing in addition to email.
Videos with malware.
Denial of Service.
USB stick and personal BYOD attacks.
Account takeover attacks.
Social engineering attacks.
Malware-laden mobile apps.
Exploitation of known network and ICS / IoT weaknesses.
Use of OSINT to establish attack targets and probe weaknesses in everything from hospitals to factories and power plants.