The war on critical infrastructure is here

By John Higginbotham
CEO, Blue Ridge Networks

The cyberwar on critical infrastructure is here. Unlike cyberattacks in the past, which were traditionally motivated by profit, the goal now seems to be the destruction of Western society. Corporate leaders in America should listen to President Biden when he says it’s our patriotic duty to be vigilant and protect ourselves from Russian cyberattacks amid the invasion of Ukraine.

This isn’t the first war Blue Ridge Networks has been through, and I doubt it will be the last. But it’s clear this war has the potential to change everything. That’s why we are protecting our clients on the frontline and urging IT leaders to reimagine what they’re doing to insulate their networks from bad actors.

Recently, Ukrainian officials said they thwarted a Russian cyberattack that could have knocked out power for 2 million people in the country. About a month ago, Anonymous hackers attacked the pipelines and refineries of Rosneft Deutschland, the German subsidiary of a Russian state-owned oil company, as part of an effort to punish Russian interests for the war in Ukraine.

I bring up these two specific attacks not only because of their national security implications, but also because they demonstrate that increased attacks are coming from both state actors and loosely aligned groups whose members may never be fully identified.

The IT world is trained to approach cybersecurity problems in an environment of visibility—determining who is accessing your network, from where, and for what effect. But the biggest problems we face today come from our lack of perfect visibility. Gartner has estimated there is insufficient visibility in up to 70 percent of network operations in critical infrastructure to assess vulnerabilities. Breaches increasingly occur from unknown and undetectable threats. Most breaches aren’t discovered until months or even years after the fact. Our critical infrastructure can’t afford to wait that long. When the problem reveals itself, it’s already too late.

Traditional cybersecurity products based on detection and response methodologies are increasingly ineffective in protecting against zero-day malware, which has no virus definitions or signatures. Even heuristic and AI scanning can’t protect against many forms of sophisticated, targeted new cyberthreats designed to avoid detection. IT cybersecurity approaches are often not compatible with legacy operational technology (OT) infrastructure such as industrial control systems, rendering them vulnerable to cyberattacks. Healthcare, transportation, energy, agricultural, water management, and other critical infrastructure sectors now all face incredible risks to maintain operations in this zero trust environment.

Innovative zero-trust solutions designed to prevent breaches from occurring, such as LinkGuard and AppGuard from Blue Ridge Networks, are able to protect critical infrastructure and operations by eliminating vulnerabilities to cyberthreats. LinkGuard effectively segments networks, isolating and containing vital network assets from discovery and data exfiltration. AppGuard breach prevention uses patented techniques to stop ransomware and other zero-day threats without detection. These solutions elegantly remove the dependency, complexity, and overhead to autonomously prevent breaches.

We’re all in this together. Blue Ridge Networks is committed to making it easier and more effective for businesses to do our patriotic duty to protect ourselves and our national assets.