Infrastructure security today is different than in years gone by. Where once it meant simply locking up the office when you left for the day, today it means identifying and removing practically invisible threats that sneak themselves in through digital means. Hackers – both independently and as sponsored by other countries – are working to gain access to our critical infrastructure.
When we talk about critical infrastructure, we mean the systems and facilities that are necessary to keep society running as it does today. Examples include:
- Transportation and public infrastructure like roads and railway tracks,
- Emergency response providers,
- Food and water supplies,
- Banking, and
If you pause for a moment and think about how important these are in our daily lives, it is obvious that they need to be protected. But what is challenging today, and was not even a few years ago, is that the threats to our infrastructure are not as visibly obvious. Today, we’re not simply patrolling locked gates to make sure that people don’t break in or putting important papers in a vault.
Today, all aspects of our infrastructure are managed and operated using computers. This means that cyber criminals have nearly endless opportunities to access critical infrastructure systems and cause a disruption of service, damage to equipment or even death. (Think about what could happen if dangerous chemicals were added to our water or if we were suddenly unable to reach hospitals for care.)
Combatting these dangers does not fall to only one person or group. Instead, it means that governments, businesses and individuals must work together, across geographic boundaries, to keep us safe.
Government and Infrastructure Security
Outdated systems make it easier for criminals to gain access. Much of our critical infrastructure was built decades ago and simply hasn’t been updated according to current security standards. Modernizing infrastructure-related systems takes investment, which has been a key point of discussion among today’s governments. The Critical Five was established between Australia, Canada, New Zealand, the United Kingdom and the US to tackle this topic in 2015. Similarly, the European Programme for Critical Infrastructure Protection (EPCIP) is tasked with investigating critical infrastructure issues within the European Union. These are just two among many examples of how governments are working together across boundaries to address this common issue.
In addition to discussing and evaluating necessary investment, governments work locally to assess threats and spread information about the dangers that exist. The ability for government agencies to exchange information internationally ensures that everyone has the most up-to-date information and that mistakes made once aren’t repeated around the world, causing an even bigger issue.
Government agencies are also active in building partnerships with the private sector. Whether this is also through information sharing or it takes on a more formal approach, such as training and education, the public-private partnerships aim to raise awareness about the dangers that exist and strengthen the private sector’s ability to respond as efficiently as possible to attacks.
The Business of Infrastructure Management
Businesses who operate the world’s critical infrastructure systems must also take heed of the danger that could result from hackers gaining control. But, what can be done to bolster infrastructure security? Certainly, there is not one surefire way to do this: it requires a mixture of foresight and preparedness so that responses can be quick in the event of an emergency.
Foresight means looking ahead and being proactive in addressing possible vulnerabilities. From implementing two-factor authentication for remote workers to encrypting communication, infrastructure companies must be constantly evaluating security measures and making improvements as needed.
Preparedness addresses what to do once an attack has been identified. What is your emergency response plan?
This should include guidance on how to retake manual control (non-digital methods of operation). When the Ukrainian power grid was attacked, one thing that helped reduce the impact was that workers were able to take control of turning on and off substations by hand. If this had not been the case, thousands would have gone without power for weeks or months.
Responding to cyber attacks quickly is also crucial. The faster incident response teams are notified about events, the less damage will be done. Teams should plan and create automated processes that kick off notifications and alerts whenever a threat is detected. Processes should guide the team through action steps so no time is lost figuring out what to do. And steps taken must be documented for forensics after the fact.
Can Individuals Help Secure Our Infrastructure?
Certainly. The starting point, of course, is to learn about the possibilities that exist in today’s digital climate. The better understanding people have about why they should change their passwords, lock their computers or ensure Wi-Fi networks are secure before using them, the more likely they will be to follow the advice.
Consider the recent infiltration of the United States electric grid. A long, slow process of gathering login information from what appeared to be legitimate websites, old-fashioned phishing tactics and methodical password trial-and-error were combined. Together, these allowed hackers to step slowly into systems that manage the electric grid. Had employees been more aware of what could happen when their data and account information were compromised, they may have been more careful about following the advice of technology professionals.
There is still a lot of work to be done in this area, and it will be a race to the finish line for sure. Will it be the cybercriminals who win? Or will government, businesses and people be able to act quickly enough to prevent disasters, or minimize the issues they cause, when a strike is made against our infrastructure? Together, we must work toward increasing infrastructure security so that we can continue enjoying as much stability and safety as possible in our daily lives.
If your business could benefit from more quickly responding to cyber attacks, visit www.otrs.com/storm/ to learn more about STORM powered by OTRS, a response management solution for security teams.