Going digital poses a challenge for critical infrastructure operators

Share this article:

LONDON – The biggest challenge facing critical infrastructure is a push to go digital despite controls being dated, according to a panel speaking at this week's InfoSecurity Europe.

For example, the control systems used by Network Rail, which owns and operates Britain's rail infrastructure, is made up of an electro-mechanical infrastructure. However, Peter Gibbons, head of information security at Network Rail, said the company is in the process of making it more computerized.

Gibbons said his team has to apply new sets of practices to accompany the updated control setup.

"The bigger challenge comes with the bits [of technology] that are already there," Gibbons said during a panel discussion on Wednesday. "Interlocking technology is hardware based, but it's not computerized and not programmable. When you start computerizing that, it becomes a real challenge."

Mark Jones, CISO at British Airports Authority (BAA), which runs the Heathrow Express, an airport rail that offers transportation from Heathrow Airport to central London, said his company is experiencing a cultural impediment.

As Heathrow Express is updated, Jones is tasked with ensuring workers who are familiar with the traditional system can collaborate with those who specialize in implementing the new system.

"The mindsets of those two communities are quite different," Jones said. "We're trying to persuade stakeholders who have taken an electro-mechanical view, that they need to take on a stronger view of digital."

And even once the updates take place, there's a concern for a potential attack, Gibbons said, adding that Network Rail could "absolutely" be hacked.

"We're looking at a system that's largely based on Victorian technology," he said. "You look at the growth numbers and what the government wants us to do, and you can't do that with the technology we have. We have to put more trains onto the infrastructure, and to do that we can't use the current systems and signal boxes we're using."

Share this article:

Sign up to our newsletters

More in News

ICO fines U.K. travel firm £150,000 for 2012 breach

Data on more than one million credit and debit cards was pilfered in the 2012 breach of a system Think W3 Limited.

Firefox 32 feature could cut undetected malware downloads 'in half'

Mozilla plans to introduce a feature in Firefox 32 that, based on preliminary testing, could cut the amount of undetected malware downloads in half.

EFF asks court to find NSA internet spying a violation of Fourth Amendment

EFF asks court to find NSA internet spying ...

Complete with a colorful graphic, the EFF showed a federal court how the NSA essentially runs a digital dragnet that can pick up innocent Americans.