• About Us
  • Contact Us
  • Editorial Calendar
  • Careers
  • The Cyber Express by Cyble Vulnerability Disclosure Policy
  • Cyble Trust Portal
The Cyber Express
  • MagazineDownload
  • Firewall Daily
    • All
    • Bug Bounty & Rewards
    • Dark Web News
    • Data Breach News
    • Hacker News
    • Ransomware News
    • Vulnerabilities
    EU-US Data Privacy Framework

    EU-US Data Privacy Framework Under Threat After Supreme Court Ruling

    Japan cyberattacks

    Japan’s Aflac, KDDI, Sapporo, Nidec: Four Breaches, One Common Entry Point

    Scattered Spider

    Alleged Scattered Spider Member Arrested in Finland, Extradited to U.S.

    AI Cyber Attacks

    AI Cyber Attacks Emerge as Biggest Threat to Indian Banking: RBI

    Apple Security Update

    Apple Security Update Patches 30+ Vulnerabilities in iOS 26.5.2

    Seized Crypto Assets

    Ukraine Makes History With First $8.3M Seized Crypto Transfer to ARMA

    Illegal World Cup Streaming Domains

    U.S. Seizes Nearly 400 Illegal FIFA World Cup Streaming Domains

    Operation Endgame Disrupts SocGholish

    Operation Endgame Disrupts SocGholish, StealC Malware Networks

    UAE Cybersecurity Council

    UAE Cybersecurity Council Calls for Stronger Digital Footprint Protection

    Trending Tags

    • blackbyte ransomware
    • Ransomware
    • lapsus$ ransomware
    • Apple
    • Apple vulnerability
  • Essentials
    • All
    • Compliance
    • Governance
    • Policy Updates
    • Regulations
    FBI Warns of Malicious Traffic

    FBI Warns of a Hidden Web Tactic Fueling Phishing and Ransomware

    Ukraine Joins EU Cybersecurity Reserve

    What Ukraine’s Entry Into the EU Cybersecurity Reserve Means

    UK social media ban

    UK Social Media Ban for Under-16s Could Take Effect by Spring 2027

    Ransomware Preparedness

    Ransomware Preparedness Must Be a Boardroom Priority: NCSC Chief

    AI legal assistants

    AI Heads to UK Courts, Bringing New Cybersecurity and Governance Challenges

    VerdantBamboo

    China’s VerdantBamboo Experimented With Three Re-Entries and Three Malware in a Company Network

    Crypto Scam, Crypto

    New Threat Actor Targets Crypto Firms’ Development Infrastructure

    Pink, Pink Extortion, CL-CRI-1147

    Pink Extortion Group Emerges Targeting Microsoft 365 Data

    AI-Powered Bots

    AI-Powered Bots Are Blurring the Line Between Users and Cyber Threats

    • Regulations
    • Compliance
    • Governance
    • Policy Updates
  • Knowledge Hub
    • All
    • How to
    • What is
    Google Chrome

    How to Remove Saved Passwords From Google Chrome (And Why You Should)

    DPDP Rules, Cyble, DPDP Act, Cyble Vantage

    How Cyble’s Front-Row Vantage Can Help You in Complying to India’s DPDP Act

    Cybersecurity Countries

    The Top 8 Countries Leading the Cyber Defense Race in 2025

    link building

    The Link Building Secrets Your Competitors Don’t Want You to Know

    Supply Chain Attack

    Supply Chain Resilience and Physical Security: Lessons for 2025

    Healthcare cybersecurity trends of 2024

    Healthcare Cybersecurity: 2024 Was Tough, 2025 May Be Better

    CEO's Guide to Take-Down Services

    Shield Your Organization: CEO’s Perspective on Take-Down Services

    Azure sign-in Microsoft

    Microsoft Announces Mandatory MFA for Azure Sign-ins to Bolster Cloud Defenses

    Signal Proxy, Signal, Signal Ban in Russia, Signal Ban in Venezuela, Bypass Signal Ban, How to Activate Signal Proxy, Signal Proxy Server

    How to Set Up Signal Proxy to Help Bypass Censorship in Russia and Venezuela

  • Features
    • Cyber Warfare
    • Espionage
    • Workforce
      • Learning & Development
  • Business
    • All
    • Appointments
    • Budgets
    • Mergers & Aquisitions
    • Partnerships
    • Press Release
    • Startups
    Sunil Varkey

    Sunil Varkey Joins Hexaware Technologies as EVP & CISO

    AI Chip, Chip Security Act

    Congress Wants a GPS Tracker on Every Advanced AI Chip America Exports

    Fraud, Agentic AI, AI-assisted Cyberattacks

    Agentic AI Run Fraud Campaigns Earning 4.5 Times More: Interpol

    Stryker, Stryker Cyberattack, CISA, Handala

    Stryker Says Cyberattack Disrupted Processing, Manufacturing and Shipping

    INC Ransom, Western Critical Infrastructure, Critical infrastructure, Russian GRU, Russian Threat Actor, Sandworm, APT44, Energy Supply Chain, Energy Infrastructure

    INC Ransom’s Franchise Model Is Putting Critical Infrastructure on the Chopping Block

    Terrorist Cyberattacks, UAE Cyber Security Council

    UAE Blocked AI-Powered Terrorist Cyberattacks Targeting Critical Infrastructure

    Eurail Breach, Eurail

    Eurail Breach Escalates as Stolen Passport Data and IBANs Surface on Dark Web for Sale

    Discord teen-by-default settings

    Discord Introduces Stronger Teen Safety Controls Worldwide

    The Cyber Express cybersecurity roundup

    The Cyber Express Weekly Roundup: FortiOS Exploits, Ransomware, Hacktivist Surge, and EU Telecom Rules

    • Startups
    • Mergers & Aquisitions
    • Partnerships
    • Appointments
    • Budgets
    • Research
      • Whitepapers
      • Sponsored Content
      • Market Reports
    • Interviews
      • Podcast
  • Events
    • Conference
    • Webinar
    • Endorsed Events
  • Advisory Board
No Result
View All Result
  • MagazineDownload
  • Firewall Daily
    • All
    • Bug Bounty & Rewards
    • Dark Web News
    • Data Breach News
    • Hacker News
    • Ransomware News
    • Vulnerabilities
    EU-US Data Privacy Framework

    EU-US Data Privacy Framework Under Threat After Supreme Court Ruling

    Japan cyberattacks

    Japan’s Aflac, KDDI, Sapporo, Nidec: Four Breaches, One Common Entry Point

    Scattered Spider

    Alleged Scattered Spider Member Arrested in Finland, Extradited to U.S.

    AI Cyber Attacks

    AI Cyber Attacks Emerge as Biggest Threat to Indian Banking: RBI

    Apple Security Update

    Apple Security Update Patches 30+ Vulnerabilities in iOS 26.5.2

    Seized Crypto Assets

    Ukraine Makes History With First $8.3M Seized Crypto Transfer to ARMA

    Illegal World Cup Streaming Domains

    U.S. Seizes Nearly 400 Illegal FIFA World Cup Streaming Domains

    Operation Endgame Disrupts SocGholish

    Operation Endgame Disrupts SocGholish, StealC Malware Networks

    UAE Cybersecurity Council

    UAE Cybersecurity Council Calls for Stronger Digital Footprint Protection

    Trending Tags

    • blackbyte ransomware
    • Ransomware
    • lapsus$ ransomware
    • Apple
    • Apple vulnerability
  • Essentials
    • All
    • Compliance
    • Governance
    • Policy Updates
    • Regulations
    FBI Warns of Malicious Traffic

    FBI Warns of a Hidden Web Tactic Fueling Phishing and Ransomware

    Ukraine Joins EU Cybersecurity Reserve

    What Ukraine’s Entry Into the EU Cybersecurity Reserve Means

    UK social media ban

    UK Social Media Ban for Under-16s Could Take Effect by Spring 2027

    Ransomware Preparedness

    Ransomware Preparedness Must Be a Boardroom Priority: NCSC Chief

    AI legal assistants

    AI Heads to UK Courts, Bringing New Cybersecurity and Governance Challenges

    VerdantBamboo

    China’s VerdantBamboo Experimented With Three Re-Entries and Three Malware in a Company Network

    Crypto Scam, Crypto

    New Threat Actor Targets Crypto Firms’ Development Infrastructure

    Pink, Pink Extortion, CL-CRI-1147

    Pink Extortion Group Emerges Targeting Microsoft 365 Data

    AI-Powered Bots

    AI-Powered Bots Are Blurring the Line Between Users and Cyber Threats

    • Regulations
    • Compliance
    • Governance
    • Policy Updates
  • Knowledge Hub
    • All
    • How to
    • What is
    Google Chrome

    How to Remove Saved Passwords From Google Chrome (And Why You Should)

    DPDP Rules, Cyble, DPDP Act, Cyble Vantage

    How Cyble’s Front-Row Vantage Can Help You in Complying to India’s DPDP Act

    Cybersecurity Countries

    The Top 8 Countries Leading the Cyber Defense Race in 2025

    link building

    The Link Building Secrets Your Competitors Don’t Want You to Know

    Supply Chain Attack

    Supply Chain Resilience and Physical Security: Lessons for 2025

    Healthcare cybersecurity trends of 2024

    Healthcare Cybersecurity: 2024 Was Tough, 2025 May Be Better

    CEO's Guide to Take-Down Services

    Shield Your Organization: CEO’s Perspective on Take-Down Services

    Azure sign-in Microsoft

    Microsoft Announces Mandatory MFA for Azure Sign-ins to Bolster Cloud Defenses

    Signal Proxy, Signal, Signal Ban in Russia, Signal Ban in Venezuela, Bypass Signal Ban, How to Activate Signal Proxy, Signal Proxy Server

    How to Set Up Signal Proxy to Help Bypass Censorship in Russia and Venezuela

  • Features
    • Cyber Warfare
    • Espionage
    • Workforce
      • Learning & Development
  • Business
    • All
    • Appointments
    • Budgets
    • Mergers & Aquisitions
    • Partnerships
    • Press Release
    • Startups
    Sunil Varkey

    Sunil Varkey Joins Hexaware Technologies as EVP & CISO

    AI Chip, Chip Security Act

    Congress Wants a GPS Tracker on Every Advanced AI Chip America Exports

    Fraud, Agentic AI, AI-assisted Cyberattacks

    Agentic AI Run Fraud Campaigns Earning 4.5 Times More: Interpol

    Stryker, Stryker Cyberattack, CISA, Handala

    Stryker Says Cyberattack Disrupted Processing, Manufacturing and Shipping

    INC Ransom, Western Critical Infrastructure, Critical infrastructure, Russian GRU, Russian Threat Actor, Sandworm, APT44, Energy Supply Chain, Energy Infrastructure

    INC Ransom’s Franchise Model Is Putting Critical Infrastructure on the Chopping Block

    Terrorist Cyberattacks, UAE Cyber Security Council

    UAE Blocked AI-Powered Terrorist Cyberattacks Targeting Critical Infrastructure

    Eurail Breach, Eurail

    Eurail Breach Escalates as Stolen Passport Data and IBANs Surface on Dark Web for Sale

    Discord teen-by-default settings

    Discord Introduces Stronger Teen Safety Controls Worldwide

    The Cyber Express cybersecurity roundup

    The Cyber Express Weekly Roundup: FortiOS Exploits, Ransomware, Hacktivist Surge, and EU Telecom Rules

    • Startups
    • Mergers & Aquisitions
    • Partnerships
    • Appointments
    • Budgets
    • Research
      • Whitepapers
      • Sponsored Content
      • Market Reports
    • Interviews
      • Podcast
  • Events
    • Conference
    • Webinar
    • Endorsed Events
  • Advisory Board
No Result
View All Result
The Cyber Express
No Result
View All Result
Home Firewall Daily

Cyberattacks on Critical Infrastructure: A Ticking Time Bomb

Ashish Khaitan by Ashish Khaitan
October 29, 2024
in Firewall Daily, Cyber News
0
Critical Infrastructure
860
SHARES
4.8k
VIEWS
Share on LinkedInShare on Twitter

In today’s world, it’s hard to miss the constant buzz about cyber threats, especially when they hit critical infrastructure and sectors like energy, healthcare, and transportation. These attacks are not just increasing in number; they’re becoming more sophisticated, making it crystal clear that we need to step up our defenses.  

Take recent events, for example. In February, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and FBI teamed up with their partners to issue a serious warning. They alerted key infrastructure sectors about potential cyber threats, drawing attention to vulnerabilities that had already been exploited by cyber operations linked to the People’s Republic of China (PRC).  

And it’s not just happening in the U.S. a cyberattack on a nuclear facility in the UK recently showed us how high the stakes can be when it comes to protecting our infrastructure. Yet, despite all the alarms and awareness, there’s still a huge gap in both legislation and international cooperation on cybersecurity.  

The Dying Need for a Better Global Cyber Treaty  

Critical Infrastructure

The current state of cybersecurity for critical infrastructure is fragmented, with a patchwork of regulations and standards that often fail to address the complexities of modern threats. Although the United Nations adopted voluntary norms in 2015, their impact has been limited.  

Cyber incidents targeting infrastructure have reportedly doubled between 2020 and 2022, according to the International Energy Agency, highlighting the inadequacy of the current response framework.   

To address this pressing issue, the international community should consider establishing a global cyber treaty specifically focused on enhancing the protection of critical infrastructure. Such a treaty could build on existing frameworks, introducing binding measures that would elevate global cybersecurity standards.  

report-ad-banner

Currently, the cybersecurity regulatory environment comprises a mix of federal laws, industry standards, and sector-specific guidelines. However, none of these regulations provide comprehensive coverage for all critical infrastructure sectors.  

  • Health Insurance Portability and Accountability Act (HIPAA): This federal law is crucial for safeguarding medical information, requiring healthcare providers and their associates to implement security measures to protect patient data. Despite its importance, HIPAA’s scope is limited to the healthcare sector and does not extend to other critical infrastructure areas.  
  • Cybersecurity Maturity Model Certification (CMMC): Designed for defense contractors working with the Department of Defense (DoD), the CMMC ensures these entities adhere to specific cybersecurity standards. However, its applicability is restricted to defense-related contractors, leaving other sectors without comparable protections.  
  • Payment Card Industry Data Security Standard (PCI DSS): This industry standard, adopted widely across states, sets security requirements for entities handling credit card data. Yet, PCI DSS does not encompass critical infrastructure sectors beyond financial transactions.  
  • Communications Assistance for Law Enforcement Act (CALEA): Enforced by the Federal Communications Commission (FCC), CALEA mandates telecommunications companies to facilitate lawful interception of communications. However, CALEA’s focus on law enforcement does not address broader cybersecurity concerns.  
  • North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP): NERC CIP guidelines are instrumental in securing the electric grid from cyber threats. Nonetheless, they are sector-specific and do not extend to other critical infrastructure areas such as transportation or manufacturing.  
  • Despite these existing frameworks, there is no central, comprehensive approach to cybersecurity across all critical infrastructure sectors. This fragmented regulatory environment often results in gaps that cyber adversaries can exploit.  

The Case for a Unified Cybersecurity Framework  

The need for a more integrated regulatory approach is not only important but has become the need of the hour. Centralized regulations could establish a baseline for security practices, encouraging organizations to develop and refine their cybersecurity strategies. 

This would address common vulnerabilities and foster innovation in security measures. For instance, the Zero Trust model, which manages interactions between people, data, and systems to mitigate security risks, has emerged in response to the need for better security in increasingly parameterless networks. 

Centralized regulations could also standardize security practices across supply chains, reducing vulnerabilities that arise from interconnected business operations. By ensuring that all parties adhere to the same security protocols, organizations can better manage and mitigate risks. This approach would not only enhance security but also build trust among stakeholders, including consumers and supply chain partners.  

The current threat system highlights the need for better regulatory frameworks. Online threats such as Advanced Persistent Threats (APTs) and the convergence of IT and Operational Technology (OT) systems pose significant challenges.  

Convergence of IT and OT Systems: The integration of IT and OT systems has expanded the attack surface for critical infrastructure. Systems like industrial control systems (ICS) and supervisory control and data acquisition (SCADA) are now vulnerable to cyber threats that were previously limited to IT networks. This convergence highlights the need for integrated cybersecurity frameworks that address both IT and OT environments. 

Advanced Persistent Threats (APTs): APTs are sophisticated, often state-sponsored attacks aimed at high-value targets over extended periods. Addressing APTs requires advanced detection and response capabilities, as well as continuous monitoring and threat intelligence. Regulations that mandate these capabilities could help organizations better defend against such sophisticated attacks.  

Internet of Things (IoT) and Legacy Systems: The proliferation of IoT devices introduces additional security challenges, as many are designed with minimal security controls. Moreover, critical infrastructure often relies on legacy systems that were not designed with modern cybersecurity threats in mind. Updated regulatory standards are needed to address these vulnerabilities.  

Global Perspectives and Recommendations  

Given the global nature of cyber threats, international cooperation is essential for protecting critical infrastructure. A global cybersecurity treaty focused on critical infrastructure could help establish universal standards and norms. Such a treaty would provide a framework for responding to cross-border cyber threats and build on existing frameworks, like the UN’s guidelines on responsible state behavior in cyberspace.  

Enhancing public-private partnerships is also crucial. Collaboration between government agencies, industry stakeholders, and cybersecurity experts can lead to more effective security measures and facilitate the sharing of threat intelligence. Initiatives such as the Cybersecurity and Infrastructure Security Agency (CISA) and Information Sharing and Analysis Centers (ISACs) play a vital role in fostering this collaboration.  

Moreover, promoting innovation in cybersecurity is essential for staying ahead of emerging threats. Investing in research and development for new security technologies and fostering collaboration between researchers, developers, and industry practitioners can drive the development of advanced security solutions.  

To Sum Up  

As we navigate the complexities of our digital world, upgrading cybersecurity standards for critical infrastructure is more urgent than ever. The recent spike in cyberattacks on energy grids, healthcare systems, and transportation networks exposes a troubling stagnation and insufficiency in our current defenses.  

While frameworks like HIPAA, CMMC, and PCI DSS exist, they fall short of covering all critical sectors comprehensively. The fragmented nature of today’s cybersecurity landscape leaves dangerous gaps, especially as technology advances and threats become more sophisticated.  

To truly tackle these challenges, the international community needs to push for a unified global cyber treaty. Such a treaty could bring a cohesive approach to protecting critical infrastructure, establishing universal standards, and enhancing global cooperation. By aligning our efforts, standardizing practices, and encouraging innovation, we can build a stronger, more resilient cybersecurity strategy capable of standing up to the evolving threats of the digital age.

Share this:

  • Share on LinkedIn (Opens in new window) LinkedIn
  • Share on Reddit (Opens in new window) Reddit
  • Share on X (Opens in new window) X
  • Share on Facebook (Opens in new window) Facebook
  • More
  • Email a link to a friend (Opens in new window) Email
  • Share on WhatsApp (Opens in new window) WhatsApp

Related

Tags: CALEACMMCcritical infrastructurecyber treatyHIPAANERC CIPPCI DSSThe Cyber ExpressThe Cyber Express News
Previous Post

Law Enforcement Puts a Damning Dent in RedLine and Meta Infostealer Operations

Next Post

UK Sanctions 3 Russian Firms for Anti-Ukraine Propaganda

Next Post

UK Sanctions 3 Russian Firms for Anti-Ukraine Propaganda

Q1 2026 Threat Reports

❮ ❯
Cyble-Vision


Follow Us On Google News

Latest Cyber News

EU-US Data Privacy Framework
Cyber News

EU-US Data Privacy Framework Under Threat After Supreme Court Ruling

July 3, 2026
Japan cyberattacks
Cyber News

Japan’s Aflac, KDDI, Sapporo, Nidec: Four Breaches, One Common Entry Point

July 2, 2026
Scattered Spider
Cyber News

Alleged Scattered Spider Member Arrested in Finland, Extradited to U.S.

July 2, 2026
AI Cyber Attacks
Cyber News

AI Cyber Attacks Emerge as Biggest Threat to Indian Banking: RBI

July 1, 2026

Categories

Web Stories

Do This on Telegram, Your Bank Account Will Become Zero
Do This on Telegram, Your Bank Account Will Become Zero
If You Install the iOS 18 Beta, Your iPhone Could Be Hacked
If You Install the iOS 18 Beta, Your iPhone Could Be Hacked
Cricket World Cup Ticketing Systems Under Cybersecurity
Cricket World Cup Ticketing Systems Under Cybersecurity
Cyber Threats and Online Ticket Scams During the NBA Finals
Cyber Threats and Online Ticket Scams During the NBA Finals
Biometric Data Security: Protecting Sensitive Information
Biometric Data Security: Protecting Sensitive Information

About

The Cyber Express

#1 Trending Cybersecurity News and Magazine

The Cyber Express is a handbook for all stakeholders of the internet that provides information security professionals with the latest news, updates and knowledge they need to combat cyber threats.

 

Contact

For editorial queries: [email protected]

For marketing and Sales: [email protected]

 

Quick Links

  • About Us
  • Contact Us
  • Editorial Calendar
  • Careers
  • The Cyber Express by Cyble Vulnerability Disclosure Policy
  • Cyble Trust Portal

Our Address

We’re remote friendly, with office locations around the world:

San Francisco, Atlanta, Rome,
Dubai, Mumbai, Bangalore, Hyderabad,  Singapore, Jakarta, Sydney, and Melbourne

 

Headquarters:

The Cyber Express LLC
10080 North Wolfe Road, Suite SW3-200, Cupertino, CA, US 95014

 

India Office:

Cyber Express Media Network
HD-021, 4th Floor, C Wing, Building No.4. Nesco IT Park, WE Highway, Goregaon East, Mumbai, Maharashtra, India – 4000063

  • Privacy Statement
  • Terms of Use
  • Write For Us

© 2026 The Cyber Express - Cybersecurity News and Magazine.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

No Result
View All Result
  • Magazine
  • Firewall Daily
  • Essentials
    • Regulations
    • Compliance
    • Governance
    • Policy Updates
  • Knowledge Hub
  • Features
    • Cyber Warfare
    • Espionage
    • Workforce
      • Learning & Development
  • Business
    • Startups
    • Mergers & Aquisitions
    • Partnerships
    • Appointments
    • Budgets
    • Research
      • Whitepapers
      • Sponsored Content
      • Market Reports
    • Interviews
      • Podcast
  • Events
    • Conference
    • Webinar
    • Endorsed Events
  • Advisory Board

© 2026 The Cyber Express - Cybersecurity News and Magazine.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?
-
00:00
00:00

Queue

Update Required Flash plugin
-
00:00
00:00
Do This on Telegram, Your Bank Account Will Become Zero If You Install the iOS 18 Beta, Your iPhone Could Be Hacked Cricket World Cup Ticketing Systems Under Cybersecurity Cyber Threats and Online Ticket Scams During the NBA Finals Biometric Data Security: Protecting Sensitive Information