Print Systems and Processes Targeted by Global Threats
The threat targets are various, and most are well-known, such as the 16 critical infrastructures identified by the Department of Homeland Security (DHS).
- Chemical sector
- Communication sector
- Dams sector
- Emergency services sector
- Financial services sector
- Government facilities sector
- Information technology sector
- Transportation system sector
- Commercial facilities sector
- Critical manufacturing
- Defense industrial base sector
- Energy sector
- Food and agriculture sector
- Healthcare and public health sector
- Nuclear reactors, materials, and waste sector
- Water and wastewater systems sector
There are several examples of bad actors targeting these sectors, such as the recent January 2021 cyber-attack of a water treatment plant in the city of Oldsmar near Tampa, FL, which several news media outlets reported. This breach was against one of the DHS’ identified sectors, the water and wastewater systems sector; hackers increased sodium hydroxide in the water to dangerous levels.
Another attack covered by the media was the Colonial Pipeline attack; hackers took down the most significant U.S. pipeline, which led to gas shortages along the East Coast. Hackers gained access to the network through a compromised password, then they used the Virtual Private Network (VPN), which did not use two-factor authentication.
Targeted Areas of Interest by Nation-State Actors
Nation-state actors invest heavily in their goals and objectives; these objectives can be short or long-term missions requiring various resources. According to Kose (2021), nation-state motivations varies among nations; however, significant interests are in the areas of:
- Intellectual Property (IP)
- Political and governance interference
- Military technology
Several campaigns have targeted economic espionage in different countries around the world, including targeting specific sectors. China is well known for its espionage capabilities, as they have several APT groups tasked with stealing intellectual properties across the globe. According to Kose (2021), their primary interest is cutting-edge innovations in healthcare, technology, aviation, and transportation; therefore, they target large companies working on research for the satellite industry, aerospace, and communication.
Political and Governance Interference
Foreign countries are interested in the decision-making process for the political influence of other countries and leading the charge in Russia. With the use of online disinformation, cyber intrusion, and corrupted insiders, these state-sponsored hacking groups are trying to interfere with politics and government around the globe.
The U.S. has been targeted by the Putter Panda, a Chinese APT group that has shown great determination and capabilities in conducting reconnaissance and intelligence gathering. According to Kose (2021), CrowdStrike reported that the Chinese group targets the U.S. Defense, Research institutions, and technology sector.
This is a reminder that America’s critical infrastructure is poorly secured against cyber-attacks. The resources for this week will expand on the topics discussed this week and provide further thought leadership.