CNBC’s Lori Ann LaRocco interviewed Adam Isles, Principal and Head of The Chertoff Group‘s Cybersecurity practice, about cyber concerns within critical infrastructure sectors including intrusions at water treatment facilities and risks to U.S. Ports.
From CNBC State of Freight:
On Wednesday, Google’s cybersecurity firm Mandiant released a report that included analysis of a Russian-linked hacking group and a January attack of a water filtration plant in a small Texas town, Muleshoe, where a water tank overflowed as a result of a cyber intrusion.
“The town may be small but it is located in an arid part of Texas and is near Cannon AFB in Clovis, New Mexico,” said Adam Isles, head of cybersecurity practice for Chertoff Group, describing the location of the water filtration plant as “concerning.”
In November of last year, US officials said Iran was behind a cyberattack at a Pennsylvania water plant. Biden administration officials recently warned the nation’s governors about the threat to water systems. “Water is among the least mature in terms of security,” Isles said.
Also on Wednesday, a Biden Administration cybersecurity official urged the nation’s ports via conference call to have their data encrypted, rapidly patch any vulnerabilities in critical systems, and have a well-trained cyber team as hacks targeting key U.S. infrastructure increase. There are concerns that cranes manufactured in China and the software controlling them could pose a security threat.
Isles said it is important to identify the critical safety and business systems at the nation’s ports.
“We can’t protect everything, so you have to identify the high-value assets at the port,” he said. “You need to identify what is central to operating a port or central to an adversary.”
Isles says once the assets are identified, you need to have a continuous diagnosis of the operations and networks checking on their durability. “We need to assume these systems will be compromised at some point and need to address not only the minimal operating capacity but its resiliency and survivability. This helps achieve an offense-informed defense in cybersecurity,” he said. Equally important, Isles stressed, is deterrence. “There needs to be accountability for offenders.”
Read more on CNBC.
To schedule a consultation with The Chertoff Group Cybersecurity team, please email info@chertoffgroup.com.
