Krebs, who was CISA director from 2018 to 2020, said Russian cyber operations could begin targeting the U.S. and its NATO allies in retaliation for tightening economic sanctions on Russia and growing military aid to Ukraine.
“There’s a belief that Russia may start causing us pain here,’” said Krebs, who is now a private cybersecurity consultant. Key takeaways from this important session include:
• Take federal cybersecurity alerts seriously: Krebs called President Biden’s recent warning about potential attacks on critical infrastructure unprecedented in its urgency. He also pointed to a joint CISA/FBI alert in March about possible threats to satellite communications networks commonly used by water districts, power providers and other critical infrastructure operators to connect remote facilities.
“They don't issue those alerts just for giggles; they're trying to send a message,” Krebs said. “So you really need to think about how you're configuring your operational technology.”
• Everyone is at risk: Krebs said attackers often target midsize and small organizations with weak cybersecurity defenses. These attacks could seek to cause panic by shutting down vital government services or extract payments through ransomware. Community water and energy districts — which have strong motivation to fork over payments to avoid service disruption — could be at particular risk.
• Prioritize protection: District leaders must prioritize security improvements to cope with the heightened threat environment. That may mean moving up deployment timelines for cyber-protection measures such as multi-factor authentication and delaying projects that aren’t related to security. “This is anything but business as usual,” Krebs said.
Watch the recorded webcast.
An Idea Worth Sharing
The Emerald Coast Utilities Authority — a water, wastewater and sanitation services provider in Pensacola, Florida — recently launched a cybersecurity management program to increase security awareness among employees and implement new protection mechanisms. The program, known as Securing the Sector, has reduced the number of employees who click on phishing emails and addressed a range of vulnerabilities related to ransomware and other cyberattacks, the authority says. Results include:
• Cutting the employee click rate on suspicious emails from 25% to 2.5%
• Eliminating almost 200 unused Active Directory accounts
• Improving update and patch rates for servers and end-user devices
Read more about the program in our online National Innovation Showcase. Have your own great idea to share? Tell us about it!
Join Our Board
The Special Districts Program is designed for special districts by special districts. Our advisory board — a diverse group of officials from special districts across the United States — helps us live up to that promise by defining the program’s mission and shaping our events and written content throughout the year. We’re seeking a few new board members to fill vacancies. Sound interesting? Get in touch with program director Omar Sandoval to learn more.
District Spotlight: New Safeguards for Critical Infrastructure
Federal lawmakers are looking to boost cybersecurity protection for power grids, water systems, pipelines and other critical infrastructure.
“From where I’m sitting, one thing is clear, the U.S. desperately needs to revamp the playbook it uses for critical infrastructure cybersecurity,” said Rep. Yvette D. Clarke, D-N.Y., at a recent hearing of the House subcommittee on Cybersecurity, Infrastructure Protection and Innovation.
Clarke, who chairs the subcommittee, is working with other subcommittee members on legislation that would codify “systemically important critical infrastructure” sectors. Federal security and intelligence agencies then would be granted authority by Congress to provide greater cybersecurity assistance and intelligence sharing with these sectors.
The effort comes on the heels of a new law Congress passed as part of the fiscal 2022 omnibus spending bill that requires critical infrastructure operators to report any cyberattacks they suffer to CISA.
Read more.