IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Former DHS CISA director Christopher Krebs warns of new critical infrastructure threats

Welcome to the latest issue of The Districts, where we chronicle the people, issues and activities impacting special districts across the U.S.

Krebs-Social-2-600px.jpg
Special districts – particularly critical infrastructure operators – should brace for an increase in disruptive cyberattacks connected to Russia’s war on Ukraine, warned Christopher Krebs, former director of the federal Cybersecurity and Infrastructure Security Agency (CISA), during a live Special Districts Program webcast in April.



Krebs, who was CISA director from 2018 to 2020, said Russian cyber operations could begin targeting the U.S. and its NATO allies in retaliation for tightening economic sanctions on Russia and growing military aid to Ukraine.



“There’s a belief that Russia may start causing us pain here,’” said Krebs, who is now a private cybersecurity consultant. Key takeaways from this important session include:

Take federal cybersecurity alerts seriously: Krebs called President Biden’s recent warning about potential attacks on critical infrastructure unprecedented in its urgency. He also pointed to a joint CISA/FBI alert in March about possible threats to satellite communications networks commonly used by water districts, power providers and other critical infrastructure operators to connect remote facilities.



“They don't issue those alerts just for giggles; they're trying to send a message,” Krebs said. “So you really need to think about how you're configuring your operational technology.”

Everyone is at risk: Krebs said attackers often target midsize and small organizations with weak cybersecurity defenses. These attacks could seek to cause panic by shutting down vital government services or extract payments through ransomware. Community water and energy districts — which have strong motivation to fork over payments to avoid service disruption — could be at particular risk.

Prioritize protection: District leaders must prioritize security improvements to cope with the heightened threat environment. That may mean moving up deployment timelines for cyber-protection measures such as multi-factor authentication and delaying projects that aren’t related to security. “This is anything but business as usual,” Krebs said.

Watch the recorded webcast.



An Idea Worth Sharing

The Emerald Coast Utilities Authority — a water, wastewater and sanitation services provider in Pensacola, Florida — recently launched a cybersecurity management program to increase security awareness among employees and implement new protection mechanisms. The program, known as Securing the Sector, has reduced the number of employees who click on phishing emails and addressed a range of vulnerabilities related to ransomware and other cyberattacks, the authority says. Results include:

• Cutting the employee click rate on suspicious emails from 25% to 2.5%

• Eliminating almost 200 unused Active Directory accounts

• Improving update and patch rates for servers and end-user devices

Read more about the program in our online National Innovation Showcase. Have your own great idea to share? Tell us about it!



Join Our Board

The Special Districts Program is designed for special districts by special districts. Our advisory board — a diverse group of officials from special districts across the United States — helps us live up to that promise by defining the program’s mission and shaping our events and written content throughout the year. We’re seeking a few new board members to fill vacancies. Sound interesting? Get in touch with program director Omar Sandoval to learn more.



District Spotlight: New Safeguards for Critical Infrastructure

Federal lawmakers are looking to boost cybersecurity protection for power grids, water systems, pipelines and other critical infrastructure.



“From where I’m sitting, one thing is clear, the U.S. desperately needs to revamp the playbook it uses for critical infrastructure cybersecurity,” said Rep. Yvette D. Clarke, D-N.Y., at a recent hearing of the House subcommittee on Cybersecurity, Infrastructure Protection and Innovation.



Clarke, who chairs the subcommittee, is working with other subcommittee members on legislation that would codify “systemically important critical infrastructure” sectors. Federal security and intelligence agencies then would be granted authority by Congress to provide greater cybersecurity assistance and intelligence sharing with these sectors.



The effort comes on the heels of a new law Congress passed as part of the fiscal 2022 omnibus spending bill that requires critical infrastructure operators to report any cyberattacks they suffer to CISA.



Read more.