Cybercriminals don’t just target Fortune 500 companies anymore. Instead, they target whole governments, small businesses and even a nation’s infrastructure. These attacks place entire nations in jeopardy, so more and more people need the cybersecurity skills to defend against them.
Engineers must be able to support the integrity of their sites, both in the physical and online realms. Here, we discuss threats to the engineering industry and how to guard against them.
The most infamous cyber threats in the engineering industry
Infrastructure is currently under attack by nation-state actors and cybercriminals. The engineering industry is a high-profile target for state-sponsored hackers engaged in cyber espionage. These criminals are looking to gain critical and sensitive information about other governments’ infrastructure, to steal intellectual property for technological innovation and, to gain an unfair advantage, to uncover information from foreign governments that are competing for the same projects.
Some of the threats facing the engineering industry include:
Firmware
Ukraine was hit by the first known attack on a power grid after hackers used malicious firmware to override critical devices at 16 substations, leading to the loss of power for hundreds of thousands of residents.
Ransomware attacks
On May 7, 2021, a major pipeline in the U.S. reported that it had stopped systems for 5,500 miles of pipeline after it discovered a ransomware attack targeting its operations. The pipeline, Colonial Pipeline, carries gasoline and jet fuel from Texas to New York and is responsible for 45% of the East Coast’s fuel supplies.
Ransomware attacks involve a cybercriminal who gains unauthorized access to a system, takes it over and refuses to allow the owner to access their own system unless they pay a ransom.
The pipeline is only the latest in a long line of ransomware victims in the disturbing trend of rising attacks. The District of Columbia Police Department reported that its data had been leaked after an April 2021 ransomware attack. That made the D.C. police the third police agency to be hit and the 26th government agency to be targeted. Of these incidents, 16 were part of a unique extortion scheme in which the criminals leaked data from the agency if it refused to pay.
Just as COVID-19 cases began to surge in the U.S., government officials warned that cyberattacks were targeting hospitals, clinics and medical complexes, threatening to take the medical facilities offline if they refused to pay multimillion-dollar ransoms.
Internet of things attacks
With more devices connected to the internet than ever before, hackers have more potential entry points into infrastructure. The U.S. Department of Homeland Security warned that internet of things household devices could be compromised to assist with infrastructure attacks after major websites including Twitter, PayPal and Spotify were taken down.
Denial of service attacks
The Ukraine power grid attack also involved a denial of service attack so that customers who tried to report the power outage would be unable to do so.
Belgium suffered a widespread denial of service attack on May 4, 2021, that targeted a government-funded ISP providing internet services to government, educational organizations, research institutions and scientific institutions. The attacks caused a delay in meetings for the Belgian Parliament and the cancellation of scheduled virtual events. Remote learning at some educational institutions was also disrupted.
Importance of cybersecurity skills for engineers
Engineers are responsible for the structural integrity of infrastructure, and those who understand the cyberthreats in their industry can help create newer and more sophisticated infrastructure that can withstand these attacks. Technologically savvy engineers can take precautions to mitigate risk in their projects, such as distributing infrastructure across multiple areas in case one piece of the project is susceptible to attack. They can also work in conjunction with security experts to develop systems that prevent infiltration by cybercriminals and nation-state actors.
How to prevent cyberattacks in engineering
Specific steps that engineers can take to prevent cyberattacks include:
- Developing cybersecurity policies — The time for cybersecurity policies is before any outside (or inside) threat surfaces. Develop strong cybersecurity policies that communicate the expectations for your team’s digital actions and disseminate this information across the organization.
- Installing VPN-capable firewalls — A VPN-capable firewall lets users encrypt communications so that data is safely accessed from any location. It can prevent brute-force attacks and intrusion attempts.
- Implementing full-disk encryption — This level of encryption protects every device that accesses an organization’s system. Therefore, if a device is ever lost or stolen, the organization and data will still be protected.
- Implementing security awareness training — Any team member with access to a system should know about cybersecurity, phishing scams and technological vulnerabilities.
- Requiring security keys — Since humans with weak passwords can pose one of the biggest security risks, requiring the members of a team to use security keys that keep them secure when using all programs can easily prevent an attack.
- Using a password vault — It is difficult for many people to keep track of unique passwords, so they may default to using simple passwords that are easy to hack. Password vaults can help develop sophisticated passwords that team members do not have to remember. They just have to remember the master password to access the password vault.
- Conducting routine testing — Teams should be dedicated to testing the effectiveness of their IT systems and cybersecurity measures.
- Activating auto updates — When systems and software are up to date, an organization is less likely to be successfully infiltrated. When a security vulnerability is discovered, updates are sent to affected systems and programs to patch the security hazard. With auto updates, you can always be the first to receive these important patches.
- Installing malware scanners — Don’t wait for a security threat. Proactively set systems up to look for security threats and identify other security vulnerabilities.
Reporting cyberattacks
Hopefully, your engineering firm will never experience a cyberattack. However, if it does, it is best to be prepared. Develop a crisis response plan before an attack ever occurs so that the procedures are clear and can be followed by your team. Practice an incident response plan so that the organization knows what to do if an attack happens. Use best practices to securely back up data to enable quick recovery, if necessary.
It is critical to act quickly if a cyberattack occurs. Follow these steps to mitigate harm:
- Follow the instructions in your company’s cybersecurity plan
- Disconnect the affected device from the network
- Contact IT leadership
- Restore backups when instructed to do so
- Switch to paper operations if advised to do so
- Report the incident to the authorities
Conclusion
Engineers serve a vital role in the integrity of a nation’s infrastructure. With cybersecurity skills, they can further protect infrastructure from bad actors who threaten it.
About the author
Ben Hartwig is a web operations executive at InfoTracer who takes a wide view of the whole system. He authors guides on the entire security posture, both physical and cyber.