Attacks on Tribal Infrastructure

 

Casino security monitors

Attacks on Critical Infrastructure on Tribal Lands in the U.S.: Examples and Prevention Efforts

Critical infrastructure on tribal lands in the United States has increasingly become the target of various forms of cyber-attacks. These attacks, often aimed at disrupting essential services and causing significant financial losses, underscore the vulnerability of tribal infrastructure and the need for robust cybersecurity measures. This article explores examples of such attacks, the steps being taken to prevent them, and the proactive measures that tribes themselves are implementing to safeguard their infrastructure.

Examples of Attacks on Tribal Critical Infrastructure

Ransomware Attacks: One of the most pervasive forms of cyber-attacks on tribal lands has been ransomware. Several tribes have fallen victim to these attacks, which have crippled critical systems by encrypting data and demanding ransom payments. The consequences of these attacks have been severe, disrupting network and email access, halting communications, and impairing the delivery of social services. In some cases, the economic impact has reached into the millions of dollars, causing long-term damage to tribal enterprises and public services.

Cybersecurity Breaches: Tribal casinos and other enterprises are lucrative targets for cybercriminals due to the substantial financial transactions they handle. These breaches have not only resulted in financial losses but also disrupted operations and eroded trust. The theft of sensitive information during these attacks has had far-reaching implications, affecting both the financial stability and the reputation of the tribes involved.

Measures to Prevent Attacks

In response to the growing threat of cyber-attacks, several measures are being implemented to protect critical infrastructure on tribal lands. These efforts involve collaboration between federal agencies and tribal governments to enhance cybersecurity resilience and preparedness.

CISA Tribal Affairs: The Cybersecurity and Infrastructure Security Agency (CISA) has established a Tribal Affairs webpage to enhance tribal awareness of available resources and services. This initiative aims to improve operable and interoperable communications, strengthen cyber posture, and offer technical assistance tailored to the specific needs of tribal communities. By providing these resources, CISA helps tribes bolster their defenses against cyber threats and improve their overall infrastructure security.

Federal Support: Under the National Security Memorandum on Critical Infrastructure Security and Resilience, the Department of Homeland Security (DHS) is empowered to lead efforts in securing U.S. critical infrastructure, with CISA serving as the National Coordinator. This federal support includes a focus on tribal lands, recognizing the unique challenges faced by these communities in protecting their critical infrastructure.

Bipartisan Infrastructure Law: The Bipartisan Infrastructure Law has allocated $32 million in cybersecurity grants specifically for tribes. These grants are intended to make tribal communities safer and more resilient to cyber-attacks. By providing financial resources, the law supports the development and implementation of cybersecurity measures that are crucial for protecting critical infrastructure on tribal lands.

Proactive Tribal Actions

In addition to federal support, tribes are taking significant steps to protect their infrastructure from cyber-attacks. These proactive measures reflect a commitment to enhancing cybersecurity and ensuring the resilience of their critical systems.

Collaboration with CISA: Many tribes are working closely with CISA to develop customized solutions that address their specific needs. This collaboration includes efforts to improve public safety communications and enhance cyber resilience. By working directly with federal agencies, tribes are able to access expertise and resources that help them better defend against cyber threats.

Cybersecurity Initiatives: Recognizing the importance of cybersecurity, tribal casinos and other enterprises are investing in advanced security measures to protect against ransomware and other cyber threats. These initiatives often involve the implementation of sophisticated cybersecurity technologies, staff training, and the development of incident response plans. By taking these steps, tribes are actively working to safeguard their critical infrastructure and minimize the risk of future attacks.

Conclusion

The threat of cyber-attacks on critical infrastructure on tribal lands is a serious concern that requires a coordinated response. Through collaboration with federal agencies like CISA, the implementation of federal cybersecurity grants, and proactive measures taken by tribes themselves, significant progress is being made to protect tribal infrastructure from cyber threats. These combined efforts aim to strengthen the resilience of tribal lands, ensuring that their critical infrastructure remains secure in the face of evolving cyber risks.

Sources:

1. CISA Launches Tribal Affairs Webpage | CISA 

2. TribalNet: After numerous attacks, tribal casinos are taking cyber ... 

3. National Security Memorandum on Critical Infrastructure Security ... - CISA 

4. CISA Tribal Affairs | CISA 

6. Threats to America's Critical Infrastructure Are Now a Terrifying ... 

7. Defending the Homeland Against Critical Infrastructure Attacks 

Tribal Security

 

Impact of Cyber Attacks on American Tribes: A Growing Threat

Tribal casinos are under attack

American tribes are grappling with the long-term consequences of cyber-attacks as their governments, casinos, and healthcare facilities continue to be high-priority targets for cybercriminals. A warning issued by the FBI’s Cyber Division on November 3, 2021, highlighted the significant risks these attacks pose to critical infrastructure on tribal lands, with millions of dollars in potential costs and damages at stake.

This warning came as tribal leaders and IT professionals gathered at the TribalNet Conference & Tradeshow in suburban Dallas, where cybersecurity was a major focus. Even though the alert was issued over two years ago, the urgency of the threat remains, with cybersecurity continuing to be a critical concern for tribal entities. The 2021 conference featured multiple sessions dedicated to the topic, emphasizing the need for ongoing vigilance.

According to the FBI's 2021 alert, ransomware attacks had already caused significant financial damage to tribal entities, disrupting operations and leading to the theft of sensitive data. Tribal governments, healthcare providers, emergency services, schools, and casinos were all identified as targets. These attacks have had a profound impact, not just financially, but also in terms of operational disruptions that can weaken the resilience of tribal infrastructure.

The escalation in cyber-attacks on tribal entities has been alarming. The National Indian Gaming Commission (NIGC) reported that cyber-attacks surged by 1,000% between 2019 and 2021. While only one attack was recorded in 2019, the number jumped to 12 in just 18 months during 2020 and 2021.

The impact of these attacks was vividly illustrated in June 2021 when six tribal casinos in Oklahoma were forced to close temporarily due to ransomware demands. The situation worsened in August when the Ho-Chunk Nation's casino in Wisconsin Dells was shut down for four days after a cyber-attack. Similarly, the Tesuque Casino in New Mexico experienced a three-day closure in September 2021 due to a cyber incident. These closures not only disrupted casino operations but also posed significant financial risks to the tribes involved.

Ransomware attacks typically involve hackers infiltrating and disabling casino systems, then demanding ransom payments to restore operations. The threat is not limited to casinos; tribal medical facilities have also been targeted, posing a grave danger to patient care and safety.

Mike Day, CEO of TribalHub, acknowledged the ongoing threat level, noting that ransomware had become a particularly pressing issue. As a key figure at the 2021 TribalNet conference and a member of the newly formed Tribal Information Sharing and Analysis Center (Tribal-ISAC), Day stressed the importance of tribal collaboration in combating these threats. Tribal-ISAC serves as a platform for sharing cyber-threat advisories and enhancing cybersecurity measures across tribal communities.

Day also pointed out that the rising cyber threats are not confined to tribal governments, casinos, and healthcare systems. Much of the nation’s critical infrastructure is located on tribal lands, adding to concerns about the broader implications of these cyber-attacks.

Since 2019, at least nine different ransomware groups have been identified as targeting tribes and tribal enterprises. More than 12 tribes, along with a major casino equipment supplier, have fallen victim to these attacks. However, Day suggested that the true scale of the problem is likely much larger, as many incidents go unreported.

The FBI’s 2021 alert marked the first public acknowledgment of the significant financial toll these ransomware attacks have taken on tribal operations. However, tribes have largely remained silent on how they have dealt with these attacks. While NIGC officials have indicated that ransom demands have ranged from several hundred thousand dollars to over $1 million, the exact amounts paid remain undisclosed. Furthermore, tribes are not required to report cyber-attacks to the NIGC, leaving the full extent of the issue unclear.

Day also highlighted the conflicting approaches to dealing with ransomware. While the federal government’s stance is to never pay a ransom, insurance companies often advocate for payment to quickly resolve incidents. This conflict creates a dilemma for tribes, as paying the ransom could inadvertently fund future attacks.

John Iannarelli, a keynote speaker at the 2021 TribalNet Conference and former FBI cyber expert, reinforced that tribal casinos and governments are increasingly seen as vulnerable targets by cybercriminals. He warned that it’s not a matter of if, but when tribes will be hit by cyber-attacks.

Iannarelli noted that larger commercial casinos, such as those in Las Vegas, often have dedicated teams focusing solely on cybersecurity and physical security. However, many tribal casinos do not have the same resources, making them more susceptible to attacks. The challenge of finding qualified cybersecurity professionals only exacerbates the problem, as the entire business sector in the U.S. faces a shortage of cyber talent.

He also emphasized the importance of employee training in preventing cyber incidents. Many attacks originate from simple mistakes, such as clicking on suspicious links in personal emails while at work. Even working from home on tribal websites can expose vulnerabilities if proper security measures are not in place.

As the threat of cyber-attacks on tribal lands continues to grow, the need for vigilance, collaboration, and proactive cybersecurity measures remains as critical today as it was when the FBI issued its 2021 warning. Tribal leaders, IT professionals, and federal agencies must work together to protect critical infrastructure and ensure the long-term resilience of tribal communities against these escalating threats. The lasting impact of these attacks could be profound, affecting not just the financial stability of tribes, but also their ability to provide essential services and maintain their cultural and social fabric.

Source: TribalNet: After numerous attacks, tribal casinos are taking cyber security very seriously — CDC Gaming Reports