Critical infrastructure and the growing cyber threats against our nation

By Molly Gluck

In Part Two of Boston University’s National Cyber Security Awareness Month Medium series, security experts weigh in on the top threats associated with critical infrastructures and share best practices for protection.

The Department of Homeland Security (DHS) defines critical infrastructure as, “essential services that underpin American society and serve as the backbone of our nation’s economy, security, and health. We know it as the power we use in our homes, the water we drink, the transportation that moves us, the stores we shop in, and the communication systems we rely on to stay in touch with friends and family.”

The DHS goes further to say that an attack on a critical infrastructure system could have a debilitating impact on our physical or economic security or public health or safety. In the early 2000s, Stuxnet, a malicious computer worm, demonstrated this to the world when it caused significant damage to Iran’s nuclear program. And just this week, researchers at Slovakia-based ESET reported that a new group of hackers, dubbed GreyEnergy, has infected three energy and transport companies in Ukraine and Poland with sophisticated new malware, and may be planning other attacks. Today’s era of IT/OT/IoT convergence is allowing malicious actors, including nation-states and politically or financially motivated hackers, to easily gain access to entire operating systems and infrastructures through the weakest link, and achieve widespread harm.

Despite this risk, nearly 60% of executives at critical infrastructure operators reported that they lack appropriate controls to protect their environments from security threats. The poll also uncovered a lack of security in key sectors, including energy, utilities and manufacturing.

In an effort to combat this growing threat, critical infrastructure security is a key focus of this year’s National Cyber Security Awareness Month (NCSAM). In conjunction with this initiative, Boston University professors David Starobinski, Manuel Egele and Ari Trachtenberg, from the Department of Electrical and Computer Engineering, weigh in on critical infrastructure vulnerabilities that need national attention in Part Two of Boston University’s NCSAM Q&A series. Check out what they had to say below.


Q1: Do you think the next major war on the U.S. will target critical infrastructures as a primary vector of attack? If so, why?

“Based on the recent history of conflicts, it is likely that any future war will involve cyberattacks against infrastructure, such as airports, hospitals, and financial services. Generally, the main objective is to sow fear and panic in the public.” — David Starobinski

Professor Starobinski is not alone in his thinking. NATO Secretary-General Jens Stoltenberg explains, “We see cyber being used to meddle in domestic political processes, attacks against critical infrastructure. Cyber will be an integral part of any future military conflict.” Furthermore, the Pentagon recently released a new cybersecurity strategy mapping out a more aggressive use of military cyber capabilities.

Q2: Our day-to-day life depends on the country’s 16 sectors of critical infrastructure. What makes these vital frameworks so vulnerable?

“Recent studies have made clear that the Nation’s major critical infrastructures are inter-dependent. Hence, an attack on one of these infrastructures could lead to a chain reaction impacting other infrastructures. Funding agencies are currently running programs whose objectives are, among other things, to reduce the risk of such chain reactions.” — David Starobinski

“It seems that systems whose legacy is in air-gapped deployments (i.e., command and control infrastructure that is not connected to the Internet, where cyber security issues were ignored for decades) attract the attention of attackers as soon as these systems are connected to the Internet — almost irrespective of the underlying process these systems control.” — Manuel Egele

Q3: How can we best secure these infrastructures?

“All critical infrastructures need to be properly examined and vetted, ideally through exercise of compromise (so-called “red team” exercises). Damaging any one infrastructure can have severe domino effects on others. At the same time, I do think it is safe to say that, to date, our critical infrastructures have largely been secured against accidents and mistakes. However, we have not spent sufficient time or energy understanding and worrying about malicious actors that, in our connected world, can be working from increasingly inaccessible locations.” — Ari Trachtenberg

Additionally, the DHS collaborated with the Department of Energy to develop best practices to help mitigate the consequences of a cyber incident against critical infrastructures and holistically support national preparedness of the Nation’s electric infrastructure. These protocols include:

· expanding cybersecurity technical expertise and information sharing,

· early integration of cybersecurity into system design,

· funding for cybersecurity investments, particularly for smaller utilities; and

· strong workforce development.

Now that Boston University’s experts have outlined the most important cyber security issues today in Parts One and Two of the NCSAM series, they will next discuss the impact higher education has in strengthening cyber security in these priority areas. Stay tuned for Part Three!
