What Organisations Need to Do to Mitigate the Devastating Impact of Cyber Attacks on Critical Infrastructure

Imagine hospitals going dark during surgery, traffic lights turning off at rush hour, Internet service bogging down, sensitive customer data getting stolen, or clean water supplies being disrupted.

One of these scenarios became a reality when Megalayer, a Chinese technology company providing critical infrastructure for cloud computing and data storage services, suffered a massive attack that brought down its data centre, causing massive network packet losses and network outages that lasted for days.

Additionally, last year, another DDoS attack brought down the websites of several public healthcare institutions in Singapore, including Singapore General Hospital, National University Hospital and Tan Tock Seng Hospital. The websites were inaccessible for approximately seven hours, rendering internal users unable to access online productivity tools and preventing patients from visiting the sites.

These incidents highlight the criticality of protecting the critical infrastructure—energy grids, telecommunications, wastewater facilities, healthcare institutions and transportation systems—necessary for the proper and smooth functioning of society and its economy. Unfortunately, critical infrastructures have become prime targets of threat actors, who no doubt recognise the massive financial and reputational rewards they stand to gain by attacking systems that impact millions of lives.

On a smaller scale, it’s also important to recognise that every organisation has its own critical infrastructure, essential for its operations and success. Whether it’s a financial institution’s transaction systems, a manufacturer’s supply chain, or an e-commerce platform’s customer data, these vital components are equally vulnerable to attacks and require robust protection to ensure business continuity and safeguard sensitive information.

The Double-Edged Sword of Rapid Digitalisation

Rapid digitalisation is only complicating matters further, creating new vulnerabilities that threat actors can exploit to disrupt these systems for financial gain, inflict widespread harm, or cause instability in the case of state-sponsored actors. These threat actors will keep attacking, putting the onus on critical infrastructure stakeholders to foil any and all attacks—or risk compromising people’s lives.

Singapore is responding accordingly by amending its Cybersecurity Act to mandate owners of critical infrastructure to report cybersecurity incidents and strengthen the country’s overall security. The Cyber Security Agency of Singapore is also at the forefront of protecting the Lion City’s critical infrastructure, even holding the annual Exercise Cyber Star meant to test the response of 11 critical sectors—including energy, water, healthcare, and transportation—against complex cyber attack scenarios.

These measures are necessary given the growing sophistication and brazenness of threat actors today. But these measures need to be augmented by leading-edge efforts from the private sector—particularly industry leaders in cybersecurity—for them to adequately protect critical infrastructure.

Initiatives like the Critical Infrastructure Defence Project are an example in this regard. This project aims to adequately prepare organisations for increasingly frequent and sophisticated attacks that seek to steal data, compromise applications, and disrupt networks and devices. The goal of the Critical Infrastructure Defence Project, spearheaded by industry leader Cloudflare with expert help from CrowdStrike and Ping Identity, is to quickly improve the cyber readiness of critical infrastructure like hospitals, energy utilities, and water utilities by providing free services and support in the form of a robust zero trust, defence-in-depth approach.

Multi-Layered Defence for Critical Infrastructure

Central to this defence-in-depth approach are vital “layers” of security. Each layer protects specific risk areas independently while collaborating to deliver a unified and comprehensive defence against attacks. Cloudflare emphasises three critical areas:

• Adopting Zero Trust: By transitioning from traditional, perimeter-based security models to a zero-trust architecture, organisations can significantly enhance their resilience. This involves verifying each user and device before granting access, regardless of location. Benefits include improved security for remote access, better protection for contractors and unmanaged devices, reduced risk of ransomware attacks, and increased visibility into data exposure.
• Protecting the Attack Surface: Proactively defending the attack surface is crucial for cybersecurity. This involves preventing multi-channel phishing and business email compromise, protecting remote workers and distributed offices and securing the entire Wide Area Network (WAN). Implementing a robust attack surface protection strategy can effectively mitigate a large portion of potential cyber attacks.
• Stopping Zero-Days: The rapid evolution of threats requires advanced protection against zero-day vulnerabilities, known CVEs, Cross-Site Scripting (XSS), and Denial-of-Service (DoS) attacks. By proactively addressing these exploits at their source, organisations can prevent breaches and ensure continuous service availability.

Another critical aspect of a comprehensive security strategy is API security. According to Cloudflare’s recent 2024 API Security & Management Report, APIs now surpass other types of Internet traffic. While APIs drive competitive advantages—such as enhanced business intelligence, faster cloud deployments, and the integration of new AI capabilities—they also present significant risks. If exploited, shadow APIs can lead to data exposure, unpatched vulnerabilities, data compliance violations, lateral movement, and other threats.

Cybersecurity is a never-ending cat-and-mouse game between targeted organisations and threat actors—only, the stakes are at an all-time high when critical infrastructure is involved. Concerned stakeholders will thus need to move fast and decisively in order to get the upper hand and protect these all-important systems.

Otherwise, society at large will be affected in a bad way.

To learn more about the best practices for preventing advanced attacks that are increasingly originating from APIs and securing your organisation’s critical infrastructure, download the full 2024 API Security & Management Report by clicking here.