The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a “Shields Up” alert to U.S. businesses and organizations to increase protection against potential cyberattacks.
Russia’s February 23 invasion of Ukraine heightened concern about Russian cyberattacks against Ukraine and its allies, which may directly or indirectly affect U.S. businesses and other organizations.
Ukrainian banks and government institutions were forced offline by several cyberattacks this month—including a mass-distributed direct denial of service (DDoS) attack on Feb. 23—that are believed to have originated in Russia. A DDoS attack involves a hacker flooding a network or server with so much traffic that legitimate users are unable to access it.
Although there is no confirmed threat to the United States at this time, CISA analysts are concerned about the potential impact on U.S. businesses, agencies and other entities.
For electrical contractors, cybersecurity is a relevant concern because companies, especially smaller ones, may be particularly vulnerable to ransomware attacks and other cyber-intrusions. The proliferation of connected devices means that ECs’ customers are also vulnerable cyberattacks.
“For us in the information and communications technology (ICT) and systems integration industry, the focus has been codes and standards for safeguarding people and property, and system performance,” said Jeff Beavers, NECA’s executive director of network integration and services. “The proliferation of connected devices, estimated to be 75 billion by 2025, brings to the forefront another area of standardization, and that is cybersecurity. Just as we’ve worked to get ICT to be a requirement of any project, beginning from the conceptual phase, so too does a cybersecurity program—from the framework to implementation, over the life of the system.”
CISA recommends that business owners take proactive steps to deter possible cyber intrusions, quickly detect potential breaches on their network, prepare a plan of action in case an intrusion occurs and maximize the organization’s resilience to a potential cyberattack. For example, ensuring that all software is up to date can prevent hackers from exploiting known vulnerabilities. More detailed steps for each of these recommendations are available at www.cisa.gov/shields-up.
CISA also offers a comprehensive catalog of free cybersecurity services and tools that electrical contractors can use to enhance the security of their businesses’s and customers’ networks.
For more on cybersecurity and how ECs can beef up their efforts to protect themselves and their customers, read “Keep Your Customers Cyber-Safe,” ELECTRICAL CONTRACTOR, March 2022.