The recent ransomware attack on a major U.S. pipeline highlights the extent of the financial risks posed by cybersecurity threats, said Fitch Ratings in a new report.
The rating agency said the recent cyberattack on the Colonial Pipeline underscores the financial fallout that can result from breaches of critical public infrastructure, such as power, water supply or public transportation.
“Infrastructure that has been compromised can directly affect state and municipal government finances in the near term through ransom payments and/or the costs of remediation and restoration of data and service, as well as over the longer term, as a result of broad economic disruption that leads to loss of tax revenue,” Fitch said.
Public infrastructure represents an attractive target for cyber criminals, the agency noted, as the “rewards for successful breaches can be significant”; and, hackers seeking to maximize headline risk may also be motivated to carry out attacks that undermine public safety and security.
At the same time, the shift to remote work due to the Covid-19 pandemic, and the increased use of technology in critical public infrastructure, “has created new cyber challenges and vulnerabilities,” Fitch said.
Other recent attacks on municipal water infrastructure in the U.S. reveal “the importance of manual redundancies and safeguards if cyber defenses are breached,” the report said.
“Management was able to limit damage at these utilities, even though the control systems of water treatment plants were compromised,” Fitch noted.