Going digital poses a challenge for critical infrastructure operators

Share this article:

LONDON – The biggest challenge facing critical infrastructure is a push to go digital despite controls being dated, according to a panel speaking at this week's InfoSecurity Europe.

For example, the control systems used by Network Rail, which owns and operates Britain's rail infrastructure, is made up of an electro-mechanical infrastructure. However, Peter Gibbons, head of information security at Network Rail, said the company is in the process of making it more computerized.

Gibbons said his team has to apply new sets of practices to accompany the updated control setup.

"The bigger challenge comes with the bits [of technology] that are already there," Gibbons said during a panel discussion on Wednesday. "Interlocking technology is hardware based, but it's not computerized and not programmable. When you start computerizing that, it becomes a real challenge."

Mark Jones, CISO at British Airports Authority (BAA), which runs the Heathrow Express, an airport rail that offers transportation from Heathrow Airport to central London, said his company is experiencing a cultural impediment.

As Heathrow Express is updated, Jones is tasked with ensuring workers who are familiar with the traditional system can collaborate with those who specialize in implementing the new system.

"The mindsets of those two communities are quite different," Jones said. "We're trying to persuade stakeholders who have taken an electro-mechanical view, that they need to take on a stronger view of digital."

And even once the updates take place, there's a concern for a potential attack, Gibbons said, adding that Network Rail could "absolutely" be hacked.

"We're looking at a system that's largely based on Victorian technology," he said. "You look at the growth numbers and what the government wants us to do, and you can't do that with the technology we have. We have to put more trains onto the infrastructure, and to do that we can't use the current systems and signal boxes we're using."

Share this article:

Sign up to our newsletters

More in News

Brazilian president signs internet 'Bill of Rights' into law

Brazilian president signs internet 'Bill of Rights' into ...

President Dilma Rousseff signed the legislation on Wednesday at the NetMundial conference in Sao Paulo.

Android trojan sends premium SMS messages, targets U.S. users for first time

Android trojan sends premium SMS messages, targets U.S. ...

An SMS trojan for Android, known as FakeInst, has been observed sending premium SMS messages to users all over the world, including, for the first time, the United States.

Report: DDoS up in Q4 2013, vulnerability scanners leveraged to exploit sites

Report: DDoS up in Q4 2013, vulnerability scanners ...

Researchers observed 346 DDoS attacks in the final quarter of 2013 and attackers used Vega and Skipfish vulnerability scanners to exploit web flaws at financial companies.