The threat of cyber attacks on critical infrastructures (CI) has increased over the past years. Attacks on our cyber infrastructure are no longer a theoretical possibility, but a real threat coming to life. The cyber defences of the critical infrastructure sectors are often outdated, due to the constant evolution of cyberattacks; this makes them particularly vulnerable to cyberattacks. Governments like the UK are therefore particularly concerned about the CI systems of nuclear power plants. Through these systems, hackers can gain control of nuclear plants, which, if the hacker has malicious intentions, can be quite catastrophic. Besides this, the disruption of critical infrastructure usually results in a chain reaction due to the interdependencies of the different infrastructures. Because of the likelihood of cyber-attacks occurring, the focus of the strategy of the CI sectors should be on mitigation and getting the systems operational after the attack.
The systems that we as people depend on, like transportation, industrial control and energy systems, are becoming more and more digitally controlled and connected. This has brought us tremendous gains in productivity and reliability (good alignment of supply and demand). However, the digitalization of these networks and systems has a dark side as well: it has increased the vulnerability of our critical infrastructures to cyber-attacks. According to the U.S. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), the number of cyber security incidents involving critical infrastructure increased by 20% in 2015.
Focus on Industrial Control Systems
It appears that hackers are becoming more focused on the industrial control systems of critical infrastructures. By doing this, hackers gain control of the systems of the critical infrastructures. The attacks can halt production, cause material damage and even harm people. For example, it is possible for hackers to change the water flow and the amount of chemicals in the water of a utility plant. The contamination of water with too many chemicals can seriously jeopardize the health of the customers using it.
The biggest cybersecurity incident on industrial controls happened in Ukraine, where several electrical distribution companies were taken over by Russian hackers, causing the energy grid to shut down. The hackers took over the system using phishing emails, through which they gained control of the substations. When the hackers launched the attack, they prevented customers from contacting the call center to report the outage by launching a Telephone Denial of Service attack. The center's phone systems were flooded with thousands of bogus calls that appeared to come from Moscow, to prevent legitimate callers from getting through. Over 225,000 customers were affected by the power outage.
Nuclear plants are of particular concern to governments in terms of cyber threats. Losing control over the power stations can be disastrous, because it can result in a leakage of radioactive material and cause the energy grid to shut down. This has negative consequences for the economy and the public order in the country. Therefore, governments like the UK have taken measures to withstand the cyber threats. The Department for Business, Energy and Industrial Strategy issued a Civil Nuclear Cyber Security Strategy in order to be resilient against the ever-evolving cyberattacks.
Critical infrastructures are increasingly interconnected with each other. When there are problems with one of the critical infrastructure sectors, it also affects the other CI systems. For instance, if something happens to the water grid, this could influence the way the power grid operates. Hackers can attack the main control room and infiltrate the SCADA systems, through which they can give commands like opening or closing valves and turning compressors on and off. It is then possible for hackers to increase the pressure in the pipeline until it blows up, causing the water pipeline to break. This results in a chain reaction: the foundation under the power transmission lines will be weakened by the spilled water, which in turn damages the power grid.
Mitigation and Restoration of Systems
Due to the likelihood of cyber-attacks occurring, the focus of the strategy of the CI sectors should be on mitigation and getting the systems operational after the attack. Companies like SIM-CI mitigate the effects by building resilience into the critical infrastructure. The best strategy for restoring the systems of critical infrastructures can also be determined with the information that SIM-CI provides. Planning beforehand can significantly reduce the damage caused by a cyberattack.