10 daunting cyber physical attacks (and proactive mitigations) – CyberTalk

EXECUTIVE SUMMARY:

Cyber physical attacks, which weaponize computer code to cause physical disruption or destruction, represent a growing threat, worldwide. These types of attacks tend to target water treatment facilities, power plants, transportation services, and other digitally connected, critical infrastructure-related segments of our society.

Years ago, cyber systems and physical systems had little-to-no interconnectivity. However, in recent years, internet-based systems have been employed, at-scale, to control physical systems and objects. Emergent cyber physical systems have sensors, computational capacities, real-time monitoring options, and automated components, among other (fancy and useful) things.

Experts have expressed concern around how AI could result in an era rife with cyber physical attacks. With greater technological advancement comes greater responsibility, one could argue. The challenge, at present, is that we’ve largely under-allocated resources to the protection of cyber physical systems. A rich discussion of cyber physical attack types and prevention modalities is to follow…

10 daunting cyber physical attacks (and proactive mitigations)

1. Water treatment facility threats. Cyber physical attacks on water treatment plants and systems are increasing and growing increasingly severe. Threats include potential contamination with deadly agents, as nearly occurred in the Oldsmar water treatment plant attack. Water treatment facilities, at least, in the U.S., have been notoriously slow to adopt adequate cyber security measures.

Mitigations: Experts broadly recommend that the water sector implement a multi-layered approach to cyber security. This includes rigorous network segmentation to isolate OT systems from IT networks, employing multi-factor authentication, monitoring network traffic and system logs, along with training staff around cyber security best practices.

2. Threats to industrial machinery. Although these threats have not appeared as frequently as water treatment facility threats, some of the world’s most sophisticated cyber criminals can target construction sites.

White hat researchers have proven that cyber criminals can potentially manipulate excavators, cranes, scrapers and other large pieces of machinery. Five years ago, Forbes noted that in the context of cyber security research, “cranes were hopelessly vulnerable.” Patches and work-arounds have been released, however some flaws may continue to persist.

Mitigations:
To prevent cyber physical attacks on industrial machinery located in or near active construction sites, cyber security professionals should pursue a comprehensive cyber security strategy – with both technical and procedural elements. Products with integrated AI security, like this, can help.

3. Power plant threats/the grid. As the world moves towards smart grid technology, cyber physical attacks on such systems are growing in frequency and sophistication. And artificial intelligence can make the development and launch of these attacks even easier than ever before, according to experts.

Mitigations:
One of the greatest challenges around power plant threats is actually lack of knowledge surrounding mitigation. Organizations need to ensure that all default passwords in systems have been changed to unique passwords. They also need to patch systems to the latest patch level. It’s also important to decommission unused systems. Employees need to remain aware of social media and social engineering threats. Contractors need to be held to high security standards…etc. The U.S. government’s comprehensive analyses and recommendations can be found here.

4. Transportation system threats. Transportation systems move millions of people and products across countries and continents everyday. Cyber physical attacks that target transport systems have the potential to slow down or stop the supply chain, preventing people from accessing essential, life-sustaining resources.

Mitigations:
One issue within the transportation sector is the historic lack of resources devoted to cyber security and cyber physical threats. But as different transportation sub-sectors become increasingly connected, improved funding, comprehensive cyber security strategies and collaborative efforts will become essential.

5. Autonomous vehicle threats. Self-driving cars and trucks rely on a complex web of network sensors, AI algorithms and communication systems; potential targets for cyber physical attacks. Key vulnerabilities include sensor spoofing, exploitation of vehicle-to-vehicle and vehicle-to-infrastructure communications, and malicious interference with AI decision-making systems, among other things.

In 2023, researchers demonstrated the ability to upend an autonomous vehicle’s driving abilities after placing stickers on road signs. This kind of trickery (or sabotage) can lead to misinterpreted traffic signals or misunderstood road conditions.

Mitigations: Explore this expert interview pertaining to connected vehicle cyber security mitigations. In addition, this EV cyber security risks and best practices article may be of interest.

6. Smart building system threats. While building-based attacks are rare at the moment, building system attacks are poised to become a serious problem. It’s not worth waiting for a catastrophe before taking action.

Modern buildings often have interconnected HVAC, lighting, access control and elevator systems – all of which are indeed vulnerable to cyber physical attacks, unless properly secured.

Mitigations: Cyber security professionals should first familiarize themselves with the inherent management system and its built-in security features (basics, right?).

Subsequently, professionals may wish to implement network segmentation. Systems should be regularly patched and updated. Security assessments at regular intervals are a must. In addition, implement strong access controls, like least privileged access, and monitor for anomalous behavior.

7. Manufacturing facility threats. Within manufacturing environments, Industry 4.0 has led to heightened levels of connectivity. On this account, cyber physical attacks could disrupt production, compromise product quality and/or crush profits. Operational adaptations, such as remote work adoption, have also increased the risks of cyber physical attacks in this sector.

Mitigations: The Cybersecurity and Infrastructure Security Agency recommends developing both a long-term and multi-faceted cyber security strategy. Manufacturing organizations are also advised to invest in training for both security analysts and those who are working on the ‘shop floor’. Those on-site should maintain cyber security and operational knowledge. Partnerships between production staff and security analysts should be facilitated and aligned with the organization’s risk tolerance.

8. Healthcare device threats. Cyber criminals have been known to target hospital-based IoT systems, implantable IoT systems, and personal wearable devices (like smartwatches).

To highlight the magnitude of implantable IoT security challenges, Dr. Sanjay Gupta, an American neurosurgeon, noted that former U.S. Vice President Dick Cheney’s heart defibrillator had to be monitored ahead of implantation to avoid potential cyber physical terrorist attacks.

Mitigations: Because the healthcare cyber physical attack landscape is so varied, it’s tough to summarize mitigations in a single paragraph. For hospital-focused threat prevention insights, click here. For medical IoT (IoMT) cyber security insights, see our Buyer’s Guide.

9. Drone system threats. The proliferation of commercial drones has created the potential for cyber physical attacks of new varieties. We’re not talking about flying pizza that fails to land…Drone threats could result in disruptions to critical national infrastructure and could lead to public safety concerns.

Mitigations: Enterprises that leverage drones are advised to encrypt drone communication technologies. They should also deploy anti-spoofing and anti-jamming technologies. Beyond that, experts suggest establishing real-time monitoring capabilities for drone fleets with automated anomaly detection. These reflect just a handful of the cyber security tactics that can be put into place.

10. Quantum computing threats. While technology isn’t quite there yet, quantum computing may present a threat to cyber physical systems by making it possible for adversaries to break encryption methods used for sensitive data.

In turn, cyber criminals may be able to gain access to industrial control systems or other sensitive cyber infrastructure that could be used to incite physical damage.

Mitigations: Organizations may wish to focus on hiring talent that is familiar with quantum computing security. In addition or alternatively, organizations may want to participate in the development of quantum security standards, and help to establish best practices. As quantum technology evolves, stay informed.

Summary

To effectively prevent cyber physical attacks, organizations need to fully understand their own ecosystems; both digital and physical assets.

Comprehensive visibility into systems will enable organizations to prioritize risk mitigation efforts, allocate resources more effectively, and develop targeted strategies that address the most critical weaknesses in cyber physical infrastructure.

Also worth mentioning: A cyber physical security approach should also extend beyond internal systems as to include third-party vendors and supply chain partners.

For more on cyber physical attacks, click here. Lastly, to receive cyber security thought leadership articles, groundbreaking research and emerging threat analyses each week, subscribe to the CyberTalk.org newsletter.