Critical Infrastructure Security

Nation-states, terrorists place critical infrastructure in their cross-hairs

By Steve Durbin, managing director, Information Security Forum

Over the coming years, the very foundations of today’s digital world will shake. Innovative and determined attackers, along with changes to the way organizations conduct their operations, will combine to threaten even the strongest establishments. Only those with vigorous preparations will stand tall.

Nation states and terrorist groups will increasingly weaponize the cyber domain, launching attacks on critical national infrastructure that cause widespread destruction and chaos. With power, communications and logistics systems down, organizations will lose the basic building blocks needed for doing business. Heating, air conditioning, lighting, transport, information, communication and a safe working environment will no longer be taken for granted.

Cyber and Physical Attacks Combine to Shatter Business Resilience

Nation states and terrorists will combine traditional military force with their increasingly sophisticated cyber arsenals to launch attacks that create maximum impact. Organizations will face interruptions to business as cities become no-go zones and vital services are rendered unavailable, with governments, militaries and emergency services struggling to respond effectively to concurrent physical and cyber incidents.

Physical and cyberattacks will be deployed simultaneously, creating unprecedented damage. Many nation states and terrorist groups (or both, working together) will have the capability to bring together the full force of their armaments – both traditional and digital – to perform a clustered ‘hybrid’ attack. The outcome, if successful, would be damage on a vast scale.

Telecommunication services and internet connections will be obvious first targets, leaving individuals and organizations cut off from the outside world. Assistance from emergency response services, as well as local and central governments, will be slow or non-existent as essential physical and digital infrastructure will have broken down.

These attacks will be designed to spread maximum chaos, fear and confusion. The stricken city, or cities, will be brought to a standstill, with both lives and businesses placed in jeopardy. Those at home will be unable and unwilling to go to work, or – without power or communications – unable to work from home. Those already in the office will be trapped with nowhere to escape to, as attacks hit them from every angle. Existing business continuity plans will be useless; they will not have been prepared to cater for an eventuality when every system is down while individuals are in physical danger. People will panic. Work will be off the agenda.

Weaponized Appliances Leave Organizations Powerless

Enemies aiming to inflict damage will take advantage of vulnerabilities in connected appliances such as thermostats, refrigerators, dishwashers and kettles to create power surges strong enough to knock out regional power grids. This relatively unsophisticated attack will bring operations to a grinding halt for organizations in affected areas, as governments prioritize restoring vital services over trade.

Attackers will find ways to access a huge proportion of the millions of connected appliances – such as heating systems and ovens – and turn them into weapons. This mass of appliances could be commandeered and misused for a number of disruptive ends, much as botnets of poorly protected home computers have been used to initiate and sustain large-scale DDoS attacks. However, one threat merits specific attention – the damage they can wreak collectively on power grids.

These appliances, forming part of the Internet of Things (IoT) – many in homes but also found in offices and factories – are always powered-on and always connected to the internet. Manipulated by attackers to switch on to full power simultaneously, appliances will create a demand for power so unexpectedly high that it overloads and brings down regional electricity grids. With the grid offline or severely degraded, organizations will be weakened and struggle to function.

The underlying foundations of many business continuity plans, such as instructing employees to work from home, will be rendered useless as they will have neither power nor a means to communicate. Dependent critical services such as water supplies, food production systems and health care will be unavailable. Power rationing will affect other utilities and services, such as heating, lighting and transport. To cap it all, organizations will lose out to competitors in non-affected areas who will be quick to take advantage of the increased demand for their services.

How Can You Prepare? Involve the Board of Directors and Key Stakeholders

The role of the C-suite has experienced significant transformation over the last decade. Public scrutiny of business leaders is at an all-time high, in part due to massive hacks and data breaches. It’s become progressively clear that in the event of a breach, the hacked organization will be blamed and held responsible. That means everyone in the C-suite could find themselves on the chopping block.

In particular, Chief Financial Officers (CFOs) have a major role to play in the daily running of an organization. They work directly with financial analysts and have concerns over loss of control over their financial reporting. They are also concerned with the potential loss of funds either through theft or as a direct result of another third party’s misfortune. If you think about it, they have good reason to be alarmed. The information that the CFO controls and works with on a daily basis is some of the most sensitive and important data that can be found within an organization.

The CFO must also understand where the information is at all times, how it is secured, who might want to steal it and how they might gain access to it. Perhaps most importantly, the CFO has a duty to provide plain, true and complete disclosure to the Board on a wide range of issues, which today, many would argue, should increasingly include the potential impact of a cyber-attack on the financial standing of the organization.

While the CFO has not always been viewed as an integral member of the security team at most global organizations in the past, these executives play an important role in advocating for and pursuing critical investments that promote long-term business growth. Given the risks that cybersecurity threats pose in a technology-driven, global economy, today's CFO must focus on cybersecurity and ensure that adequate steps are taken to preserve and protect the company's reputation, stock price and mission-critical assets.

Let’s face it: incidents will most certainly happen as it is impossible to avoid every breach.

However, you can commit to building a mature, realistic, broad-based, collaborative approach to cybersecurity and resilience. Maturing your organization’s ability to detect intrusions quickly and respond expeditiously will be of the highest importance moving forward.

Don’t get left behind.

About the Author

Steve Durbin is Managing Director of the Information Security Forum (ISF).
