2023 - Cyber Threats To US Infrastructure 

Cyber attacks in the US have significantly increased over the past year, with the health care system and other critical sectors being attacked as the threat of malware like ransomware and foreign spyware continues to evolve. 

2022 saw US government officials and lawmakers renew their focus on cyber security and seek to secure the country’s critical sectors from rising cyber threats. This issue is expected to increase in 2023, as many of those threats are still escalating while the cyber sector is confronting an ongoing workforce shortage in its efforts to bolster the US’s digital defenses.

In addition to deploying ransomware, the threat actors have used “double extortion” techniques, whereby they exfiltrate data and demand a ransom payment to decrypt it, then threaten to expose the data if a ransom payment is not made.

Threats To Critical Sectors

The financial, energy and health care sectors are all facing a skyrocketing number of hacks. Cyber attacks have robbed companies in those industries of hundreds of millions of dollars, exposed data and even disrupted essential services, as when a ransomware attack forced the Colonial Pipeline to shut down in 2021, causing gas shortages in several states.

The health care sector in particular has seen a rise in cyber attacks in the last few years, particularly ransomware attacks targeting hospitals in order to gain access to sensitive information like patient data or medical research and technology. In Washington, Senator Mark Warne, chairman of the Senate Intelligence Committee, has warned that cyber attacks could lead to delays in treatment and even patients’ deaths.

US officials have already stepped up their efforts to protect critical sectors from those evolving threats, and have indicated that doing so will remain a top priority this year. Securing critical infrastructure like the energy and health care sectors plays a key part in mitigating cyber risks. 

Ransomware Attacks

Recent years have seen an especially dramatic spike in ransomware attacks, particularly targeting the health care and financial sectors. Last year, ransomware groups caused outages in multiple hospital systems, temporarily closed schools in parts of the US, carried out multimillion-dollar hacks on a number of companies and drove Costa Rica to declare a state of emergency in May as a barrage of attacks impacted its government services.

Tackling ransomware at home and abroad is also expected to take precedence this year as the US and its allies have come together to counter the heightened threat.

In 2021, the Biden administration, along with several other countries, launched its first annual initiative intended to counter ransomware globally. In November 2022, the White House held its 2nd International Counter Ransomware Initiative Summit, in which it invited more than 30 countries to discuss steps they can take to curb the rise of ransomware globally. “Ransomware is a pocketbook issue that impacts thousands of companies and individuals every year globally,” the White House said in a press release.

During the summit, the countries laid out several initiatives, including establishing an international counter-ransomware task force, actively sharing information between the public and private sectors and taking joint steps to stop ransomware actors using the crypto-currency system. The ransomware task force, which is led by Australia, is expected to become operational in January.

CISA:    The Hill:     CybeReason:   Cyberscoop:    FirerceHealthcare:      Silicon Republic:    Security Week:    

You Might Also Read: 

Critical Infrastructure: A Flashing Beacon For Cybercrime:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible






 

« Dissent Over British  Internet Safety Laws
The Application Of Artificial Intelligence In Cybersecurity »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Techmeme

Techmeme

Techmeme is an online news curation service focused on leading edge technology, including cyber security.

Markel International

Markel International

Markel International is an international insurance company which looks after the commercial insurance needs of businesses. Specialist services include Cyber Risk insurance.

KE-CIRT/CC

KE-CIRT/CC

KE-CIRT/CC is the national Computer Incident Response Team for Kenya.

AntemetA

AntemetA

AntemetA specializes in network infrastructure, security and cloud computing, helping companies transform their Information Systems.

HKCERT

HKCERT

HKCERT is the centre for coordination of computer security incident response for local enterprises and Internet Users in Hong Kong.

GuardSI

GuardSI

GuardSI was created to protect companies from growing threats to security such as fraud, hacking, internal theft, accidents and human mistakes that can directly affect the business.

Rigado

Rigado

Rigado's mission is to enable commercial IoT success by providing high-performance secure and scalable wireless edge connectivity and network infrastructure.

A3Sec

A3Sec

A3Sec provides professional solutions in the areas of Cybersecurity, Device Monitoring, Business Intelligence and Big Data.

Start Left® Security

Start Left® Security

From Posture to Performance—The System That Improves How Software Gets Built.

Sevco Security

Sevco Security

Sevco Delivers Real-time Asset Intelligence to Identify and Close Unknown Security Gaps.

Team Secure

Team Secure

Team Secure provide Enterprise-grade Cyber Security consultancy, managed security services and cyber security staffing services.

Certihash

Certihash

Certihash have developed the world’s first blockchain empowered suite of information security tools based on the NIST cybersecurity framework.

Banyax

Banyax

Banyax provides 24×7 real-time Cyber Defense Center Services using the latest technology tools to provide state-of-the-art defense.

AI Spera

AI Spera

AI-Driven Cyber Threat Intelligence Security. AI Spera provides real-time intelligence to empower your security competences in all aspects of the business.

National Cybersecurity Competence Center (NC3) - Luxembourg

National Cybersecurity Competence Center (NC3) - Luxembourg

The purpose of the is to strengthen the Country's ecosystem facing cyber Luxembourg National Cybersecurity Competence Centerthreats and risks.

METCLOUD

METCLOUD

METCLOUD is driving a cloud evolution. A cloud that promises relentless cybersecurity, performance, resilience and sustainability.