QUESTION
What measures are in place to protect against cyberattacks on critical infrastructure?
1:02:28
·
4 min
Kelly Moan explains the multi-layered cybersecurity measures New York City has implemented to defend against threats to critical infrastructure like utilities and water systems.
- The city has advanced capabilities to detect and respond to cyber threats from various actor groups like hacktivists, cybercriminals, and state-sponsored advanced persistent threats.
- Particular focus is given to the threat group 'Volt Typhoon' which uses sophisticated 'living off the land' tactics to camouflage within systems.
- NYC Cyber Command works closely with federal and private partners on preparedness through measures like tabletop exercises and incident response planning.
- A robust team with 7 years of experience in building security services and partnerships allows NYC to be a global leader in cyber resilience.
Vickie Paladino
1:02:28
Concerns for cyberattacks on our infrastructure by terrorists.
1:02:32
Is our country equipped to handle an infrastructure cyberattack?
1:02:37
I don't think so.
Jennifer Gutiérrez
1:02:41
I mean, you can respond to whether or not, like, the city in our capacity.
1:02:44
OTI is equipped to respond.
Kelly Moan
1:02:47
So thank you for the question.
1:02:48
And, again, I wanna reiterate, thank you for having me here.
1:02:51
These types of conversations are absolutely important and critical to, again, elevate the conversation about cybersecurity within the public domain and public awareness.
1:03:01
New York City ecosystem is vast and complex.
1:03:05
We have to protect everything from the most basic knowledge, think your Windows device at home, your Windows workstation, all the way to the more advanced, such as industrial control systems.
1:03:16
That mission is incredibly important to us.
1:03:19
We endeavor to make New York City the most resilient city in the world, and we do that in a number of tangible ways.
1:03:25
Do think it's important in this particular space what I can disclose again in the public domain and in our world cybersecurity industry.
1:03:33
We're at large.
1:03:34
We're continuing to see trends of threat actors that attempt to trick users through social engineering tactics to click on malicious links or documents.
1:03:46
We have to contend with a number of threat actors, 3 that come to mind in terms of threat groups, or hackers or threat actors that endeavor to propagate some of these attacks within, you know, broadly, globally.
1:04:09
1, you know, we have to contend with attackers like hacktivists, who are promoted and are fueled by activists and activist causes.
1:04:22
Right?
1:04:23
We have to contend with cyber criminal groups, which continue as an industry, continues to be omnipresent within the domain.
1:04:30
Right?
1:04:31
These are threat groups that actively are attempting to gain financially through cyber attacks.
1:04:37
And then the 3rd, which, again, I think it is important to discuss openly.
1:04:42
And, again, this is public information, but threat groups such as advanced persistent threats. And those are highly sophisticated threat actors, incredibly well versed in cyberattacks and intrusion methodologies.
1:04:58
In particular, our city continues to be hyper focused on all threat groups that attack any public or private sector entity.
1:05:07
But in particular, there's continued cybersecurity advisories from the federal sector and international partners that have been released related to a threat group known as Volt Typhoon.
1:05:23
And the reason I bring that particular threat group up is because we're continuing to see targets against critical infrastructure being omnipresent in the industry.
1:05:33
This particular group, as one type of advanced persistent threat, uses tactics that we call living off the land.
1:05:42
It's essentially where a threat actor attempts to hide in plain sight of devices using tools on your computer that your system administrators would normally use.
1:05:57
Right?
1:05:58
Known good applications essentially behaving badly.
1:06:01
And so this particular threat actor and these living off the land techniques, camouflage techniques that the threat actor uses, are obviously more sophisticated types of techniques, but it's still those that we have to contend with.
1:06:16
And as the rise of critical threats against critical infrastructure in particular utilities, waste and water systems.
1:06:24
It is paramount that we have partnerships and collaboration in place to protect against those attacks.
1:06:30
And defend and then recover from them as well to make sure that we're focusing not just on defense and protect but also on our incident response capabilities, which includes tabletop exercises with private and public sector partners.
1:06:47
To again continue to practice incident response techniques and protocols should we suffer an attack at any size or scope of any magnitude.
1:07:03
Those are just a couple examples of what public and private sector entities have to contend with from a threat attack perspective.
1:07:11
I'm incredibly proud of the team that we had and the abilities that we've been able to build over the last 7 years with regard to security services.
1:07:20
And partnership, quite frankly.