If you’ve ever watched any of the Marvel movies or their subsequent spinoffs on Disney+, then you know critical infrastructure was featured front and center in these action-packed superhero-centric forms of entertainment (comic books, television shows, and movies). And let’s be real—most of the time, it involved a lot of our critical infrastructure being impacted in some way, usually disabled or, in some cases, completely destroyed.

Let’s take a look at one of the Avengers spinoffs in the Disney+ miniseries The Falcon and the Winter Soldier. In this series, it’s six months after Captain America had moved on following the conclusion of Avengers: Endgame, with Falcon and Winter Soldier teaming up to stop an anti-patriotism group that had used a secret serum to try and get the world back to where it was when half the population was eliminated by Thanos (before the Avengers were able to restore billions of lives lost). This group is willing to stop at nothing to go back to that period where they feel they belong.

Throughout the miniseries, we see this group of fanatics hijack a plane, rob a bank, infiltrate pharmaceutical laboratories to steal medicine, raid a storage facility, and plan an attack on a conference. Critical infrastructure comes under siege throughout these six episodes time and again, disrupting the lives of people across the globe.

Now, do we expect to see intergalactic villains teleporting into downtown New York City in spaceships with a complete army in tow, ready to eliminate the planet as we have seen in some Marvel movies? Certainly not. But as we have seen throughout several of these Marvel entities, villains can come in all forms, including run-of-the-mill humans with an agenda at hand and hellbent on destroying anything in their way no matter the cost (see The Falcon and the Winter Soldier as a prime example).

Some of these villains can come in the form of hackers and cybercriminals who see critical infrastructure as a prime opportunity to demand a ransom, prove their skill, or simply create chaos in everyday life. Whatever the reason, it can lead to dangerous outcomes for the general population. Imagine the danger it would bring if someone gained full control of a gas pipeline or operated a draw bridge, or even turned every stop light green in a large city all at once.

Well, as most of us remember, the Colonial Pipeline suffered a cyberattack just over a year ago, in May 2021, where a $4.4 million ransom was solicited by DarkSide. This type of attack was accurately predicted by Bryson Bort, CEO of Scythe and Co-Founder of the ICS Village, back at RSA Conference 2020, along with Chris Krebs.

“These types of attacks are becoming more frequent and are driven by greed and disruption at the national, state, local, and municipality levels. Nobody is safe. These critical infrastructure attacks are moving from the breach of data and service to affecting the physical world to directly impact society in an incredibly disruptive way,” Bort said in this interview with our own Cecilia Marnier, RSA Conference Program Manager. More RSAC content on critical infrastructure can be accessed here.

The advancement of technology is something most of us take for granted and enjoy daily, but it doesn’t come without its drawbacks and concerns. So, what do attacks on critical infrastructure in our world look like? Well, they are becoming more frequent, more costly, and more complex, for one. In addition, certain industries—like utilities—are prime targets. But other industries, like healthcare, are also being targeted, so it’s vital that we stay vigilant and prioritize safety in order to keep our world a safe place for everyone.