Protecting Critical Infrastructure
Over many years, threat actors have consistently targeted organisations in the energy, utility and related sectors and cyber attacks on critical infrastructure have become increasingly more complex and more disruptive, causing systems to shut-down, disrupting operations, or simply enabling attackers to remotely control affected systems.
Critical infrastructure and industrial operations have evolved and become digitised in the same way as other modern industries, however, industrial control systems remain in a unique hybrid stage, somewhere between their analog history and the digital future.
Critical infrastructure describes the physical and cyber systems and assets that are so vital to a country that their incapacity or destruction would have a debilitating impact on our physical or economic security or public health or safety. In most countries it is the government's responsibility for the national security, public safety, the effective functioning of the economy and the continuity of government services in case of an emergency or crisis. Unhappily, such events are more frequent:
- After the recent ransomware attack on a major petroleum pipeline in the US, the Department of Homeland Security’s (DHS) has announced a Security Directive that will enable it to better respond to threats to critical companies in the pipeline sector.
- In February 2020, Saudi authorities reported that their public petroleum and natural gas company Saudi Aramco has seen a significant increase in cyber attack attempts following a huge initial attack in 2012 when a Virus damaged around 30,000 computers.
- New Zealand’s Central Bank had a large data breach, where commercially and individually sensitive information was stolen by cyber attackers.
- Irelands Health Service IT systems shut down and remain partially disabled following a wide ranging ransomware incident.
- In both Israel and the Florida potentially lethal attempts to sabotage control systems in the water distribution network were thwarted by alert supervisors.
The disruption caused due to a successful cyber attack on a nation’s critical agencies can be far-reaching. It has the potential of causing a major loss of money, time, and even lives.
Critical infrastructure cyber security has been gaining momentum in the US, culminating in a new security directive, as cyber-attacks continue to target infrastructure companies. “The cybersecurity landscape is constantly evolving and we must adapt to address new and emerging threats,” said Secretary of Homeland Security Alejandro N. Mayra.
The DHS is focussing its efforts with owners and operators and other government agencies to enhance the physical security preparedness of US hazardous liquid and natural gas pipeline systems and the new Security Directive will require critical pipeline owners and operators in the US to:
- Report confirmed and potential cybersecurity incidents to the DHS Cybersecurity and Infrastructure Security Agency (CIA).
- Designate a Cybersecurity Coordinator, to be available 24 hours a day, seven days a week.
- Review their current practices as well as to identify any gaps and related remediation measures to address cyber-related risks and report the results to TSA and CIA within 30 days.
Visibility and management are the key factors in security for Supervisory Control and Data Acquisitions (SCADA) systems, but security and IT professionals must be aware of the risks and set in place security controls aimed at reducing the impact of a potential cyber attacks and the increasing the costs of these attacks.
Currently around 103 countries have published their national cyber security strategies. As the US lead agency for protecting critical infrastructure against cyber security threats, CIA provides cyber security resources to mitigate potential risks, including through a dedicated hub that disseminates information to organization, communities, and individuals about how to better protect against ransomware attacks.
Cyber attacks on critical infrastructures can have a significant economic impact, especially when targeted in conflict between nations. Securing these systems is not a matter of fully reverting back to physical access, but a matter of understanding how Internet-connected control systems work, how they are configured, and how they are accessed.
Dept. of Homeland Security: World Trade Organisation: CIPSEC EU:
Security Boulevard: Mission Secure: I-HLS: Image: Unsplash
You Might Also Read:
A New Generation Of Critical Vulnerabilities:
Focused Security Analysis For Your Organisation’s IT Systems: