Infrastructure ProtectionProtecting U.S. Critical Infrastructure from Cyberattacks

Over the past year, there has been a sharp increase in cyberattacks using malware to target the systems of critical infrastructure such as utility companies, government agencies and organizations that provide services and products that we rely on daily. According to a report from the cybersecurity firm CheckPoint Software, in the first half of this year, there was a 102% increase in these types of attacks compared to 2020. 

One of the biggest this year was the ransomware attack on the Colonial pipeline, where hackers gained control of the control room computers and demanded a $4.4 million payment before they would return the system back over to the company.

The Colonial pipeline supplies about 45% of the East Coast’s oil and diesel fuel supply, and they were offline for several days due to the attack. This not only impacted the company’s bottom line, but it also affected consumers as a major fuel supplier went offline for several days.

If that wasn’t bad enough, it was recently announced that the company had to notify employees that their personal data may have also been compromised during the attack. 

A few weeks later, global meat supplier JBS Foods paid an $11 million ransom after an attack that caused them to temporality suspend meat processing at their plants. As a result, there was an uptick in beef and pork prices.

“In years past, a lot of internet attacks were done for fun, but these days they are all for profit,” said Dr. Guofei Gu, professor in the Department of Computer Science and Engineering at Texas A&M University. “The most popular, and profitable, type that we see nowadays is ransomware.” 

Ransomware is an advanced type of malware that installs itself onto a user’s machine or device undetected, encrypts their data files rendering them inaccessible and demands a ransom payment to decrypt them. But even if the ransom is paid, the decryption process to get the files back to normal is a slow one.