Every Australian relies every day on energy, food, water, transport, communications, health, and banking and finance services. These essentials support our way of life and underpin our economy, security, and sovereignty. Therefore, disruptions to those critical infrastructures can cause significant, if not disastrous, impacts.
Rising Risks to Our Critical Infrastructures
In recent years, cyber actors have targeted critical infrastructures such as Medibank, Optus, and Latitude. More recently, unauthorised network access at DP World Australia compromised employee data. It forced the business to go offline, disrupting its Brisbane, Sydney, Melbourne, and Fremantle operations; goods were stranded in ports for around 10 days.
For FY 2022-23, the Australian Signals Directorate (ASD) noted 143 reports of cyber incidents against critical infrastructure. These were primarily due to compromised accounts/credentials, compromised assets/network/infrastructure, and denial of service (DoS). Meanwhile, the global trend points to an estimated hundredfold increase in attacks on critical infrastructure by 2027.
Wanted: A Strong Response Strategy
A response strategy is critical to ensure that your organisation is prepared to deal with cyber incidents effectively. It can help minimise the impact of an attack.
Critical infrastructures are also required to have a formal incident response plan in place under the regulations they must comply with, such as the Security of Critical Infrastructure Act 2018 (SOCI). This law details the legal obligations for owners and operators of critical infrastructure assets, including notification duties and government support in case of incidents. The Act applies to these sectors.
Queensland, for instance, has outlined a Cyber Security Hazard Plan to mitigate cyber incidents with state-wide or national impacts, which can inform a response strategy tailored to your organisation:
- Prevention: Understanding and minimising the cyber risks that could impact an organisation, the state, or the nation
- Preparedness: Reducing the consequences of an incident and ensuring effective response and recovery
- Response: Delivery of appropriate measures to respond to a cyber incident
- Recovery: Implementing post-incident strategies for recovering systems and restoring services
The strategy emphasises the need for the collective effort of individuals, community groups and organisations, local governments, businesses, the tertiary sector, the Queensland Government, and the Australian Government. This can be done through the Joint Cyber Security Centres (JCSC), a network to exchange information, collaborate, and share resources.
The ASD, via its Cyber Security Partnership Program, also works closely with businesses and individuals to provide advice and information about the most effective ways to protect their systems and data.
Best Practices for Securing Critical Infrastructure
How can you defend your organisation against cyber threats? Here are some best practices for the critical infrastructure sector.
| Prevention: Your First Line of Defence | |
| --- | --- |
| Find a Guiding Framework | A robust cyber security framework can help you plot a roadmap for enhancing your protection. At ADITS we follow the SMB1001. It has a clear, step-by-step path and a tiered approach, from essential hygiene practices to a more comprehensive security strategy. |
| Educate Your Team | Empower your staff to be your first line of defence. Train them regularly to equip them for identifying suspicious emails, recognising phishing attempts, and reporting potential threats. |
| Secure Your Systems | Properly set up your digital shield, with firewalls, anti-virus software, data encryption, and strong passwords, which are essential for keeping unwanted visitors out. |

| Preparedness: Be Ready for Anything | |
| --- | --- |
| Plan for the Unthinkable | Develop a comprehensive cyber incident response plan (CIRP). Outline the roles, responsibilities, and communication protocols in case of an attack. Conduct regular tabletop exercises to test your CIRP. Ensure everyone knows their part. |
| Stay Informed | Stay current on the latest and evolving threats and mitigation strategies. Subscribe to alerts from reputable sources like the ACSC. Knowledge is power – use it to stay ahead of the curve. |
| Collaboration is Key | Build strong relationships with industry peers and government agencies. Sharing information and best practices fosters a collective resilience against cyber threats. |

| Response: Act Swiftly and Decisively | |
| --- | --- |
| Early Detection | Invest in security monitoring tools to detect suspicious activity promptly. The faster you identify an intrusion, the quicker you can contain the damage and minimise disruption. |
| Follow Your CIRP | Be ready. When an attack hits, follow your CIRP. Ensure everyone communicates clearly while carrying out their well-defined roles. A well-coordinated response will help you mitigate the impact and get your systems back online quickly. |
| Seek Expert Help | Don’t underestimate the value of professional assistance. When faced with a major attack, consider engaging a cyber security services expert to guide your response and recovery efforts. |

| Recovery: Bounce Back Stronger | |
| --- | --- |
| Restore Normal Operations | Get your critical systems back online as swiftly as possible. Prioritise essential services and have backup and recovery plans in place to ensure minimal disruption. |
| Learn from the Experience | Every incident is a learning opportunity. Conduct a thorough post-incident review to identify weaknesses and improve your defences. |
| Keep Improving | Use lessons learned to continuously ensure your critical infrastructure remains resilient. Consider new technologies and enhance your training and awareness programs. |
Elevating Security with AI and Advanced Technologies
Artificial intelligence (AI) is now a cornerstone in fortifying cyber security for critical infrastructure. It can swiftly process vast datasets, identify subtle patterns, and adapt to novel threats, providing unparalleled efficiency and continuous learning.
But AI isn’t the only advanced technology enhancing cyber security. Here are a few more:
- Cloud Encryption, which can ensure data security in cloud-based platforms
- Extended Detection and Response (XDR), with improved threat detection and incident response capabilities
- Blockchain technology, whose secure data storage capabilities can be leveraged for data integrity and authentication
- Generative AI (GenAI), which can detect and respond to cyber threats in new ways
Your Next Step: Assess Your Risk Factors
With employees being your first line of defence, ensuring continuity and proper emergency response begins with identifying your human risks. ADITS’ free Human Risk Report (HRR) will help you identify domain impersonation threats and released credentials. You will receive a comprehensive report with some actionable tips as well as a free phishing campaign to test your employees’ awareness.