Practices to Keep Critical Infrastructure Safe

Why we Should be Concerned About Critical Infrastructure Vulnerabilities

March 31, 2022 Posted by Nick Reed IT Security

As tensions rise between the United States and Russia amid the conflict in Ukraine, critical infrastructure (CI) operators should increase their readiness for an attack. A CI disruption could bring the U.S. economy to a halt, and previous attacks such as those on Colonial Pipeline, JBS Foods, and SolarWinds are testaments to the power of a well-executed cyber-attack. Russia has previously demonstrated its willingness to use destructive cyberweapons on infrastructure, and it has done so again.

At the outset of the Russian invasion of Ukraine, the link between satellites that controlled over 5000 wind turbines was severed. The Russian interference with turbines scattered across central Europe was a demonstration of Russia’s cyber ability, and a reminder to Europe that the continent is still dependent on Russian energy.

Harsh sanctions imposed by the U.S. and its allies have been met with promises of retaliation by Russian leadership, only serving to increase hostility. The Ukrainian electrical grid hacks of 2015 by Russian hackers should serve as a stark reminder to CI stakeholders. Inadequate protections for operational technology systems can have physical consequences, including death, injury, damage to property, and even environmental damage. Since 2015, Ukraine has served as a testing ground for Russian cyber capabilities on CI, and it can be expected that those capabilities have improved. Below is a basic guide through the 2015 Ukrainian power grid hack to illustrate the complexity of attack methods CI stakeholders should prepare for.

The 2015 Ukrainian Power Grid Hack Overview

  • IT staff and admins were spear-phished with BlackEnergy3 malware hidden in macros of Word documents.
  • The malware successfully infected devices, allowing for remote access.
  • Power grid systems were extensively mapped for months without notice.
  • To prevent detection, hackers destroyed protective measures in the infrastructure.
  • Hackers took control of SCADA systems, and substations were switched off.
  • KillDisk malware destroyed files on servers and workstations.
  • Denial-of-service attacks were launched against customer service centers to keep civilians in the dark.

The Russian invasion has been met with stiff resistance by Ukrainians, only adding to concerns that a cyber response from Russia is forthcoming. Any method to gain superiority may be considered by Russia, especially if the invasion proves unsuccessful and urgency increases. So far, there has been a surprising lack of cyber activity from Russia outside of the satellite link removal and DDoS attacks on Ukrainian government websites. However, this could change in an instant. The US Department of Homeland Security issued an alert to businesses in mid-February cautioning that Russian cyber-attacks are likely.

Here are 6 best practices to keep CI safe

  • Scan for vulnerabilities and misconfigurations on firewalls, applications, and operating systems.
  • Train employees to respond to social engineering with an emphasis on phishing.
  • Ensure proper monitoring and logging of systems is deployed to detect anomalies, and use automation when possible.
  • Institute privileged access management to prevent privilege escalation or unauthorized lateral movement within systems.
  • Test business continuity and incident response plans regularly.
  • Increase system visibility and inventory of all IT/OT components.

Working towards the implementation of these best practices now can increase resiliency while limiting the impact of cyber-attacks on CI. OCD Tech can assist in bolstering your organization’s security with specialized services including vulnerability assessments, security awareness and phishing training, as well as privileged access management services.


About Nick Reed

Nick Reed is a Security Analyst at OCD Tech. He has a Master's Degree in Cybersecurity: Policy & Governance from Boston College. Previously, he received his Bachelor's Degree in Criminal and Social Justice from Boston College.
