
The election’s over, but threats to government and critical infrastructure don’t stop

By Rudolph Araujo
December 8, 2020

At a time when the world is gripped by a virulent pandemic, there is perhaps no greater critical infrastructure than the nation’s hospitals that are treating Covid-19 and other patients. It’s not hard to imagine the ramifications if even a few of those hospitals were incapacitated and unable to fully care for the sickest among us – because it’s already started to happen.

Heartless attackers used ransomware to disable computer systems at healthcare facilities in Oregon, New York, Vermont, Michigan and Wisconsin in October. The FBI and other federal agencies have issued warnings about “imminent cybercrime threats” aimed at the nation’s healthcare providers.

And it’s not just the healthcare industry that’s vulnerable. According to the security consultancy Kroll, ransomware has been the most observed threat across its client base in 2020, accounting for over a third of security events. While the volume of ransomware has steadily increased, it has also materialized into one of the most destructive types of attacks because it elicits a “deer in headlights” reaction from defenders and creates a newsworthy event by very publicly crippling an organization.

When we hear the term “critical infrastructure,” we want to believe that the assets – whether they are physical or digital – are extremely secure. Our minds conjure images of the vaults of Fort Knox, which are protected from every angle. However, critical infrastructure of the digital variety is not necessarily any more secure than any other digital asset. It all comes down to how meticulous the organization is in looking for and quickly closing vulnerabilities and security gaps that expose an attack surface for a bad actor to exploit.

In fact, many of the successful ransomware attacks this year made their way into environments by first exploiting vulnerabilities in completely different parts of an organization or even its supply chain. Remote attackers often exploit unpatched servers, misconfigurations, compromised credentials, and other conditions that demonstrate poor security hygiene.

Researchers at Awake Security recently examined one such form of critical infrastructure: that which supports the national election process. The research analyzed the attack surface for state and local government organizations. The non-partisan, purely technical assessment focused on using only publicly available information to identify the external-facing infrastructure that could be targeted and infiltrated by an outside attacker. The team studied and reported on the vulnerabilities that could be used by an attacker looking to gain a foothold, spread laterally, launch attacks and cause disruption, spread disinformation or establish a path to the crown jewels of election infrastructure. (For details on how this was done, read the report The Day After the Elections: The Attack Surface That Could Undermine Our Trust in the Elections.)

It’s important to note that the country’s election infrastructure is not one monolithic system that is centrally controlled. Rather, the equipment and systems are actually owned and operated by thousands of individual state and local government agencies. This latter fact contributes to a high level of vulnerability, especially now when budgets to secure elections at the local level are very constrained. So, the results of the Awake Security research should come as little surprise.

In short, researchers found:

  • Thousands of Internet-facing applications, many of which appear to be running vulnerable and, in some cases, decades-old software
  • States and counties exposing services like Kerberos that have been previously exploited in attacks such as WannaCry and ZeroLogon
  • Common vectors for ransomware and other destructive attacks within the state and county infrastructure

Fortunately, cybersecurity experts at the Department of Homeland Security declared that the 2020 U.S. election was one of the safest and most secure in recent history, but given the massive number of vulnerabilities throughout the computer systems, the outcome could have been quite different. And just because the election is over doesn’t mean these vulnerabilities disappear. There are still many adversaries looking to wreak havoc at all levels of government, and the focus on cybersecurity around the election should serve as a clarion call to shore up cyber defenses.

Critical infrastructure in other industries has its weaknesses, too. Utilities, public transportation and the U.S. defense industrial base have all been targeted for attack. Threats to organizations in these critical sectors, if carried out, could have a dire impact beyond just the company or agency involved.

While many organizations and agencies are operating under constrained budgets today, security of digital critical infrastructure must be prioritized. Owners of the assets should be following these best practices.

  • Understand the assets – Do a complete and thorough discovery of all assets to fully understand what must be protected and what your attack surface truly is – it often isn’t what it first appears to be.
  • Look for existing compromise – Do a compromise assessment to learn if any parts of the network already have a hidden compromise or signs of previously unknown compromise.
  • Use the proper tools – Implement the tools that can monitor for threats, misconfigurations, and other weaknesses and automate response and remediation to reduce time to neutralize the problems that are found.
  • Mind the gaps – This goes back to the first bullet; organizations are typically aware of, and therefore monitoring and protecting, only about 40-50% of the attack surface. The rest is often beyond the purview of even the best endpoint security tools, e.g., IoT devices or shadow IT / cloud infrastructure. As a consequence, these assets are beyond the visibility of even the best security team.
  • Isolate critical assets – First identify the assets that are more critical to business operations and then consider solutions like network segmentation and multi-factor authentication to protect these assets and to monitor and prevent the lateral spread of threats.
  • Implement ZTNA – Use zero trust network access techniques to ensure access is not based on assumptions such as a secure perimeter. Remember, these days almost every threat at some level manifests as an insider threat – even if it is the result of stealing a victim’s credentials.
  • Make security a continuous process – The practices above aren’t a one-time thing. Security must be a continuous process.

With dedication and diligence, following the best practices above can reduce the risk of cyber threats against digital critical infrastructure.

KEYWORDS: critical infrastructure cyber security ransomware risk management


Rudolph Araujo leads Awake’s marketing team and is responsible for all aspects of positioning, messaging, demand generation, communications, and related activities. Prior to Awake, Rudolph ran the globally-distributed product marketing team at FireEye. Previously, he helped lead the company’s Incident Response practice at FireEye Labs, where he worked with customers to help them respond to breaches. Before FireEye, Rudolph led security consulting teams at Foundstone and McAfee. He earned a degree in computer engineering from Goa University and a master’s from Carnegie Mellon University.
