Going digital poses a challenge for critical infrastructure operators

Share this article:

LONDON – The biggest challenge facing critical infrastructure is a push to go digital despite controls being dated, according to a panel speaking at this week's InfoSecurity Europe.

For example, the control systems used by Network Rail, which owns and operates Britain's rail infrastructure, is made up of an electro-mechanical infrastructure. However, Peter Gibbons, head of information security at Network Rail, said the company is in the process of making it more computerized.

Gibbons said his team has to apply new sets of practices to accompany the updated control setup.

"The bigger challenge comes with the bits [of technology] that are already there," Gibbons said during a panel discussion on Wednesday. "Interlocking technology is hardware based, but it's not computerized and not programmable. When you start computerizing that, it becomes a real challenge."

Mark Jones, CISO at British Airports Authority (BAA), which runs the Heathrow Express, an airport rail that offers transportation from Heathrow Airport to central London, said his company is experiencing a cultural impediment.

As Heathrow Express is updated, Jones is tasked with ensuring workers who are familiar with the traditional system can collaborate with those who specialize in implementing the new system.

"The mindsets of those two communities are quite different," Jones said. "We're trying to persuade stakeholders who have taken an electro-mechanical view, that they need to take on a stronger view of digital."

And even once the updates take place, there's a concern for a potential attack, Gibbons said, adding that Network Rail could "absolutely" be hacked.

"We're looking at a system that's largely based on Victorian technology," he said. "You look at the growth numbers and what the government wants us to do, and you can't do that with the technology we have. We have to put more trains onto the infrastructure, and to do that we can't use the current systems and signal boxes we're using."

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters


More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.