swissbit blog

Technology
2025-06-11

How phishing resistant authentication can secure critical infrastructure from cyber threats


In my new blog post, I examine the critical infrastructure sector. This sector is becoming an increasingly common target of cyberattacks around the world. I will demonstrate how phishing-resistant authentication can effectively protect these facilities. Finally, I will show you the innovative, technologically advanced authentication solutions that Swissbit offers to protect digital identities.

Introduction

The number of cyberattacks on critical infrastructure facilities is increasing worldwide. According to the European Repository of Cyber Incidents, reported security incidents on critical infrastructure have surged by 668% since 2022. In the last year, 56% of global gas, wind, water, and solar utilities reported at least one cyberattack. In addition, 54% of utilities worldwide expect an attack on critical infrastructure in the next 12 months, according to a recent study on the resilience of critical infrastructure worldwide.


In Germany too, the number of cyberattacks on critical infrastructure increased by over 40% in 2024 compared to previous years. A total of 769 incidents were reported to the Federal Office for Information Security (BSI). These cyber security incidents are attributable to both non-state and state actors.

What is critical infrastructure?

The BSI defines critical infrastructure for Germany as follows: “Critical infrastructures (KRITIS) are organizations or facilities with important significance for the state community, the failure or impairment of which would result in lasting supply bottlenecks, significant disruptions to public safety or other dramatic consequences.”

The following sectors are also defined as critical infrastructure by the BSI:

Information Technology and Telecommunications
Health
Media and Culture
Water

As the listed sectors show, critical infrastructures encompass almost all areas of our everyday social and individual lives. They affect the continuous supply of energy, food, and water, as well as stable IT and telecommunications. Finally, they affect the healthcare sector, in which hospitals play a pivotal role. The worsening threat situation shows the need for action. In the past, less was invested in defending against cyber threats, especially in critical infrastructure.

Regulatory Requirements


Good to know

Phishing remains a perennial cybersecurity threat. According to the Microsoft Cyber Digital Defense Report, phishing attacks increased by 58% in 2023, with an estimated financial impact of $3.5 billion US in 2024.

The best way to increase the cyber resilience of critical infrastructure


  1. Adopt passwordless authentication. Switch to non-password-based methods like FIDO2/passkeys or certificate-based authentication, as passwords are vulnerable to phishing attacks.
  2. Enable phishing-resistant MFA (multi-factor authentication) to ensure all users are protected.
  3. Use hardware-based passkeys (roaming authenticators). Deploy modern authentication solutions such as FIDO security keys, like the iShield Key 2, which uses hardware-backed security to protect critical resources.
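
As an added example (not Swissbit's code and not part of the original post), the code below runs the origin and RP ID checks a relying party applies to a FIDO2/WebAuthn login response, which is the property that makes the methods in the list above phishing-resistant. The RP ID, the origins and the sample responses are constructed for illustration, and verification of the authenticator's signature over the same data is assumed to happen separately.

```python
import base64
import hashlib
import json

RP_ID = "portal.utility.example"                      # assumed relying-party ID
ALLOWED_ORIGINS = {"https://portal.utility.example"}  # assumed login origin
FLAG_UP, FLAG_UV = 0x01, 0x04                         # user present / user verified


def b64url(data: bytes) -> str:
    """Unpadded base64url, as used for the challenge in clientDataJSON."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def check_binding(client_data_json: bytes, auth_data: bytes,
                  expected_challenge: bytes) -> list:
    """Return the names of failed checks; an empty list means all passed."""
    errors = []
    client = json.loads(client_data_json)
    if client.get("type") != "webauthn.get":
        errors.append("type")
    if client.get("challenge") != b64url(expected_challenge):
        errors.append("challenge")            # replayed or foreign response
    if client.get("origin") not in ALLOWED_ORIGINS:
        errors.append("origin")               # produced on another site
    if len(auth_data) < 37:                   # 32 rpIdHash + 1 flags + 4 counter
        return errors + ["authData length"]
    if auth_data[:32] != hashlib.sha256(RP_ID.encode()).digest():
        errors.append("rpIdHash")             # credential scoped to another RP
    flags = auth_data[32]
    if not flags & FLAG_UP:
        errors.append("user presence")
    if not flags & FLAG_UV:
        errors.append("user verification")
    return errors


def sample(origin: str, rp_id: str, challenge: bytes,
           flags: int = FLAG_UP | FLAG_UV):
    """Build a constructed (clientDataJSON, authenticatorData) pair."""
    client = json.dumps({"type": "webauthn.get", "origin": origin,
                         "challenge": b64url(challenge)}).encode()
    auth = (hashlib.sha256(rp_id.encode()).digest()
            + bytes([flags]) + (7).to_bytes(4, "big"))
    return client, auth


if __name__ == "__main__":
    ch = bytes(range(32))                     # constructed server challenge
    print(check_binding(*sample("https://portal.utility.example", RP_ID, ch), ch))
    # Response generated on a look-alike site: browser and key record that site
    print(check_binding(*sample("https://portal-utility.example",
                                "portal-utility.example", ch), ch))
```

Because the browser writes the origin and the authenticator hashes the RP ID, a response produced on a look-alike page fails both checks even when the user is fully deceived.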


Jan Quack works as a Senior Solution Engineer and has been with Swissbit since February 2025. He brings 20 years of professional experience, including 15 years specializing in PKI, IAM, FIDO, and passwordless authentication. In his role, he works with organizations to enhance security and streamline authentication strategies, always focusing on practical, real-world solutions. With a passion for making complex topics accessible, Jan has shared insights through keynotes, workshops, and consultations, helping businesses adopt modern authentication practices in an ever-evolving digital landscape.
