Cybersecurity for mission-critical systemsCybersecurity for mission-critical systems

By Sara Lasso de La Vega¹

The Latin America and Caribbean region experienced 137 billion attempted cyberattacks from January to June this year, a 50% increase from the same period last year (91 billion). Mexico was the most attacked country in the region (85 billion), followed by Brazil (31.5 billion) and Colombia (6.3 billion). 1 In addition to the extremely high numbers, the data reveals an increase in the use of more sophisticated and targeted strategies, such as ransomware, DDoS (Distributed Denial of Service), and even the use of Artificial Intelligence by attackers.

During the first six months of 2022, approximately 384,000 ransomware distribution attempts were detected worldwide. Of these, 52,000 were destined for Latin America. Attacks on governments continue to grow exponentially and also hit the private sector with high financial and reputational costs. This is evidenced by the constant increase in news reports on the subject and leaks of consumer and citizen data.

Public Security: Why do hackers attack government entities?

Similar to the private sector, organizations using mission-critical communications are under increased pressure to deliver better experiences and results on a daily basis. To do this, advanced technologies are used to protect systems on-premises and in the cloud, whether public or private.

The challenge here is to prevent cybercriminals from circumventing these technologies using various attack methods, including DDoS, ransomware attacks, phishing, and data theft or compromise. Implementing a solid security mindset and attack-resistant infrastructure is most important for all companies that use mission-critical communications to keep their operation running. In the Public Safety field, these agencies often store high-value data such as license plates, addresses, medical records, and other confidential information, which allows attackers to monetize the data and extort victims with threats of leaking stolen information.

How prepared is the system to deal with these threats, and what technological tools exist for cyber defense? It is hard to believe that cyberattacks will decrease in intensity, the trend is that attack points will multiply as digital transformation accelerates across all businesses, including challenges such as hybrid working, IoT, OT and various connected devices.

Therefore, it is now essential to take a proactive approach that includes a comprehensive set of services ranging from assessment and consulting to managed security services – involving threat detection and response, vulnerability assessment and pentests, including recovery of lost, damaged or stolen information. Let me take this opportunity to list some recommendations based on the US National Institute of Standards and Technology (NIST) cybersecurity framework:

1) Identify: help develop an organizational understanding that manages cybersecurity risk to systems, people, assets and data . Understanding the business context, the resources that support critical functions, and the cybersecurity risks allows an enterprise to focus and prioritize its efforts, according to its risk management strategy and business needs.

2) Protect: appropriate security measures to ensure the delivery of critical infrastructure services by mitigating, limiting, or containing the impact of a potential cybersecurity event.

3) Detect: define the appropriate activities to identify the occurrence of a cybersecurity event (e.g., real-time monitoring of assets, including databases, cloud assets, and connected devices).

4) Respond: include the appropriate activities to take action on a detected cybersecurity incident and contain its impact. 5) Recover: identify the appropriate activities to maintain resiliency plans and restore services that have been affected due to a cybersecurity incident.

And finally, best practices training for everyone using your company’s equipment, devices, and networks. We know that most agencies do not have enough teams or resources to develop solid strategies against cybersecurity threats. This is where the preventive approach becomes the best resource investment decision, because without a smart cyber defense scheme, the monetary and reputational costs are often incalculable and difficult to recover. In the face of cybercrime, a good defense is definitely the best offense.

¹Sara Lasso de La Vega, Cybersecurity Account Manager, Motorola Solutions

*** Translated by the DEFCONPress FYI Team ***

By admin