Strong multi-factor authentication key to protect critical infrastructure providers

As critical infrastructure providers and their assets become increasingly digitalized and connected, these industries must have strong, modern, phishing-resistant multi-factor authentication methods to ensure they are not vulnerable to the number increasing number of ransomware attacks, according to Yubico.

Recent revisions to the Australian Security Law Amendment (Critical Infrastructure) (SOCI) Act 2021 represent one element of the government’s response to the growing cyber threats facing Australian critical infrastructure organisations.

Previously, the SOCI Act covered key industries such as electricity, gas, water and seaports, but the Act now extends coverage to encompass 11 sectors now deemed critical. These include communications, financial services and markets, data storage and processing, defense industry, higher education and research, energy, food and groceries, health and medical care, space technology, transportation, water and sewer.

According to findings published by the Australian Cyber ​​Security Center (ACSC) in the ACSC’s annual Cyber ​​Threat Report, cyberattacks are increasing in severity and frequency at the rate of one reported attack every eight minutes. The report also found that around a quarter of cyber incidents reported to the ACSC in the 2020-21 financial year were associated with Australia’s critical infrastructure or essential services.

Geoff Schomburgk, Yubico’s vice president for Asia-Pacific and Japan, welcomes the additional sectors rightly classified as critical infrastructure, but says these vital service providers simply cannot afford to wait until an attack occurs.

“Having a ransomware mitigation plan is a step towards minimizing risk, with phishing-resistant MFA the key to securing the necessary accounts,” he says.

MFA is a security measure that requires two or more proofs of identity to verify users and grant them access to online accounts. It’s a simple process that uses a combination of something the user knows (PIN, secret question), something they have (card, hardware token, YubiKey) or something they are (fingerprint or other biometric).

According to Schomburgk, ensuring that an organization and its employees have strong MFA systems that don’t rely on basic mobile MFA, such as SMS or mobile authentication apps, is a good way to mitigate malware attacks. ransomware.

“While not all authentication is created equal, and passwords and other legacy methods are vulnerable to different types of attacks, the most important action is to protect personnel working in these newly classified critical infrastructure industries. , as well as their online accounts, with some form of modern MFA,” he says.

“We all know how disruptive it is when a transportation system like a rail network is shut down, but can you imagine the chaos that would ensue without access to stolen food, water or medical data? Unfortunately , there will continue to be exponential growth in ransomware attacks as more criminal groups seek to exploit vulnerabilities in critical infrastructure assets,” Schomburgk said.

“Having a ransomware mitigation plan, which MFA is part of, will help reduce risk and pay off when you need it most,” he said.

In the United States, the average ransomware recovery cost in 2021 was approximately $2.39 million, including ransom, downtime, lost sales, operational costs, and legal fees. Ransomware attacks involving more sensitive or critical data or systems brought costs down to around $5.85 million, even more than the normal average data breach cost (around $5.83 million). More than 57% of victims end up making a payment to get their data back or to prevent it from being exposed, but only get all their data back after paying the ransom.

Schomburgk says there is a common misconception that preventing ransomware attacks is all about preventing individual users from opening a window by clicking on suspicious links that download malware onto systems or computers. But in many cases, weak authentication systems can allow attackers to gain access to a system, impersonate an authenticated user, and place ransomware in the most dangerous locations.

“Whether it’s for business or just everyday use, everyone relies on critical infrastructure to help them do their jobs,” he says.

“Without them there is massive disruption and Australia’s national security is at risk. Governments and private businesses cannot afford to wait or not further strengthen their IT processes. Time to act now is to adopt more secure authentication methods, as the alternative option will come at great expense.”

Comments are closed.