
2.4 Internet, Social Media, and Cyber Attacks on Critical Infrastructures

by Thomas A. Johnson

The growth of the Internet and social media has been phenomenal in terms of the vast number of people now living and working in this global interconnected world. It is estimated that in 2014, more than 2.5 billion people are connected to the worldwide network. Another 3 billion people will be utilizing online Internet services within the next five years. To further demonstrate the opportunities, challenges, and risks that await all of us, we are now experiencing the "Internet of Things," where added to this complexity will be literally several billion more machines and devices that will also be available and will interact, guide, and in many cases make decisions apart from human control and judgment. Automation has been developed to provide machine technology that interacts with other vehicles and makes driving judgments to avoid collisions.

The Cisco Visual Networking Index forecasts that by 2016, there will be 18.9 billion network connections, or almost 2.5 connections for each person on earth, compared with 10.6 billion in 2011. New products and services will be born as more devices are interconnected. Chips and sensors, smaller and more powerful, can be embedded in more products, creating vast amounts of data and linking physical and digital systems. The Internet of Things (cars, ovens, office copiers, electrical grids, medical implants, and other Internet-connected machines that collect data and communicate) could result in 31 billion devices connected to the Internet in 2020.13

The increasing number of both people and devices becoming connected in cyberspace will greatly impact specific portions of our nation's critical infrastructure. Those infrastructures most immediately impacted will be the following:

  • The electrical grid system
  • Transportation
  • Telecommunications

Other infrastructure sectors will also be impacted, such as food, water systems, emergency services, and banking and financial services, but the impact on their performance and continuity of service will not be as profound as the former. The salient point is that as societies become so interconnected to both their devices and the critical services they require, this increasing dependency may well increase our vulnerability to disruption of our critical infrastructures.

Escalating attacks on countries, companies and individuals, as well as pervasive criminal activity, threaten the security and safety of the Internet. The number of high-profile, ostensibly state-backed operations continues to rise, and future attacks will become more sophisticated and disruptive. A global digital arms trade has now emerged that sells sophisticated malicious software to the highest bidders, including hacker tools and "Zero-Day Exploits," attacks that take advantage of previously unknown vulnerabilities.14

Our banking and financial communities have experienced rather sophisticated attacks, as in March 2013, cyber attacks disrupted the banking services of Wells Fargo, J.P. Morgan Chase, Citi Group, U.S. Bancorp, PNC Financial Services, American Express, and Bank of America. Symantec Corporation estimates a cost to consumers of $110 billion globally, and other studies have estimated the cost to be from $25 billion to $500 billion. Another form of disruption and vulnerability that impacts our major corporations is "cyber economic espionage," and General Keith Alexander of our U.S. Cyber Command has termed these attacks as the "greatest transfer of wealth in history" and estimated that American companies have lost over $250 billion in stolen information such as their intellectual property and products as well as decades-long research.15

Former Secretary of Defense Leon Panetta has warned of a "cyber Pearl Harbor," in which attacks aimed at our critical infrastructure could cause substantial and widespread destruction. Such attacks can be launched remotely against industrial control systems (ICSs) and are designed to modify or reprogram the ICSs that control pipelines, train tracks, dams, and electrical networks, thus causing both loss of critical services and damage to important and costly parts of our infrastructure system.

In 2011, the Department of Homeland Security reported a 383% increase in attacks on our critical infrastructure. The Task Force report stated that, over time, future attacks could become even more destructive as cyber weapons and capacities proliferate and as electricity, power, transportation, and communication infrastructures become increasingly dependent on the Internet. The barriers to entry are low on cyber attack tools, unlike nuclear weapons, and individuals with limited experience can quickly become capable of conducting disruptive actions in cyberspace.16

2.4.1 Challenge of Protecting Our Nation

An outcome of the 9/11 attack on America has been the creation of the Department of Homeland Security, which has resulted in the transfer of 20 federal agencies and over 190,000 personnel to this new federal department. Our nation's only other example of an effort this broad in scope was the creation of our Department of Defense in 1947. The reassignment of federal agencies and personnel to a new department of Homeland Security is not without major political and personnel problems. In addition to the numerous organizational challenges and, in many cases, conflicts surrounding goals and objectives between various organizational units, we have redefined the fundamental premises of Homeland Security from those of National Security. National Security is the responsibility of our federal government, and it is based on the collective and cooperative efforts of our Department of Defense, State Department, and our intelligence community in the defense of our nation as well as protection of our national interests overseas. Homeland Security is now defined as protecting our critical infrastructure and key assets with the cooperation of our private sector organizations and with coordinated assistance of our federal agencies.

The critical infrastructures that make America the strongest and wealthiest nation in the world are also our greatest weakness and our Achilles heel. Therefore, it is incumbent on our nation's leaders to fashion both a strategy and appropriate tactical plans to protect the nation. The scope of the challenge can be measured by the number of infrastructure assets that require our protection. The inventory of assets requiring our vigilance is truly overwhelming, and the national strategy for the physical protection of critical infrastructure and key assets enumerates the challenges as follows:

The Protection Challenge17

Agriculture and Food: 1,912,000 farms; 87,000 food processing plants
Water: 1,800 federal reservoirs; 1,600 municipal wastewater facilities
Public Health: 5,800 registered hospitals
Emergency Services: 87,000 U.S. localities
Defense Industrial Base: 250,000 firms in 215 distinct industries
Telecommunications: 2 billion miles of cable
Energy:
  • Electricity: 2,800 power plants
  • Oil and Natural Gas: 300,000 producing sites
5,000 public airports
Passenger Rail & Railroads: 120,000 miles of major railroads
Highways, Trucking, and Busing: 590,000 highway bridges
2 million miles of pipelines
300 inland/coastal ports
Mass Transit: 500 major urban public transit operators
Banking and Finance: 26,600 FDIC insured institutions
Chemical Industry and Hazardous Materials: 66,000 chemical plants
Postal and Shipping: 137,000 million delivery sites
Key Assets:
  • National Monuments and Icons: 5800 historic buildings
  • Nuclear Power Plants: 104 commercial nuclear power plants
  • 80,000 dams
  • Government Facilities: 3000 government-owned/operated facilities
  • Commercial Assets: 460 skyscrapers

Each of the aforementioned sectors comprises an important role within our nation's critical infrastructure that contributes to our nation's success, economy, and strength. Since most of these sectors are not governmentally controlled, but in many cases under private ownership, the national strategy requires a rich interface between federal, state, and local governments with private and corporate organizations, thus making the task of designing and managing a national strategy most difficult at best.

In analyzing our nation's critical infrastructure, one of the most inescapable conclusions one can make is the extraordinary problem we as a society have created for ourselves due to deferred maintenance. We simply have not maintained a coherent investment strategy to ensure the maintenance and modernization of the very sectors responsible for our nation's success. Further, since almost 85% of our critical infrastructure is under the direct control of private and corporate organizations, they have equally mismanaged their responsibilities for maintenance and modernization of our infrastructure sectors. As a result, today, we must provide protection of these enormously important resources for both deferred maintenance and modernization.

2.4.2 Three Critical Infrastructures

Three of our nation's most critical infrastructures are selected on the basis of their interdependency impact on all of the remaining 13 critical infrastructures. The three critical infrastructures selected for more detailed analysis are as follows:

  1. Energy and the electrical grid system
  2. Transportation
  3. Telecommunications

Each of these three critical infrastructures can profoundly impact all remaining critical infrastructures, so it is important that we understand their vulnerabilities and risks.

Energy and the Electrical Grid System

Energy represents our nation's most critical infrastructure, as it is essential to every aspect of life within our nation. Our entire economy is dependent on the energy that is principally produced by our electrical grid system and our oil and gas system. The very quality of life we enjoy in our nation is directly related to the efficient functioning of our energy system. Our health care systems, all aspects of people's employment, as well as our nation's educational systems all rely on our production and use of energy. Our nation's vital national security and defense systems are totally reliant on our energy infrastructure. The energy infrastructure of our nation is fundamentally organized around two principal sectors, electricity and oil and natural gas.

The first sector, which produces electricity, consists of three major components: generation, transmission, and distribution. The generation of electricity occurs through our use of hydroelectric dams, nuclear power plants, and fossil fuel plants. The transmission and distribution systems link into areas of our electrical grid system. The distribution systems manage, control, and distribute the produced electricity into our businesses, government organizations, and our individual homes.18 The fact that electricity cannot be stored and can be used only at the time it is produced is indicative of how resilient it must be to a terrorist attack. The targeting of this sector can therefore focus on the three principal components of generation plants, transmission lines, and distribution centers and substations. The attack on any one of these three components can create massive problems for our nation. Thus, contrary to popular belief, it is not only the vulnerability of our nuclear power plants and hydroelectric dams but also the very transmission lines and substations most Americans are not even able to identify as to purpose, type, and function that are also vulnerable.

Most of the electricity produced in the United States is a result of our fossil fuel coal-fired units, which produce over 51% of the power generated, while our nuclear power plants produce 20%, oil and gas produce 18%, and hydropower and other renewable sources produce 11%. These items are representative of our nation's generation of power capabilities. The transmission system includes high-voltage lines, towers, underground cables and transformers, breakers, and relays, while the distribution system consists of lower-voltage distribution lines and cables as well as substations. Altogether, the greatest types of terrorist threat to our electrical power system center on both physical attacks by terrorists and cyber and electromagnetic attacks.

The physical attacks could focus on any one of the generating stations or transmission and distribution components and either could cause local disruption or, if used in a coordinated fashion with a cyber attack or an electromagnetic attack on our control systems, could result in a serious multistate blackout that could initiate a serious network destabilization outage to our integrated electrical power grid. Theoretically, it is possible to cause our electrical grid system to collapse, with cascading failures in equipment far removed from the point of the attack, thus leading to even longer and more serious blackouts.19

In protecting our electrical grid system from cyber attack, we must monitor and be aware of the new advances being made in cyber weapons. We must also better protect our Supervisory Control and Data Acquisition (SCADA) systems with improved security such as firewalls, use of encryption, and more refined measures for detecting cyber intrusion. Intelligent agent-based networks designed to monitor and respond to cyber threats will also be necessary if we hope to better protect our systems. Also, an area where additional R&D is required centers on ways to detect a cyber attack from internal sources such as disgruntled employees.20

Our national power grid is made up of three independent electric grids: the Eastern Interconnected System, covering the Eastern two-thirds of the nation and the adjacent Eastern Canadian Provinces; the Western Interconnected System, consisting of our Western states West of the Rocky Mountains including the Western Canadian Provinces; and our Texas Interconnected System, covering Texas and part of Mexico. Within this very decentralized system, we have Independent Service Operators, more than 3000 local utilities, more than 15,000 generators of power to produce electricity, 10,000 power plants, and hundreds of thousands of miles of transmission lines and distribution networks, all designed to meet our nation's need for producing and distributing the electricity that we need to run almost every aspect of our society from our businesses, government, schools, and homes.21 This electricity cannot be stored but must be available on demand, which means our interconnected system must be prepared to distribute electricity from any of the three interconnected systems to those areas requesting to purchase the electricity.

In 1992, the Energy Policy Act was introduced to deregulate the power industry under the assumption that power produced in the Northwest and Southeast at lower cost could be transmitted to those areas where the cost of power was more expensive. The deregulation also required the unbundling of generation, transmission, and distribution properties, all previously controlled by local governments and local governmental public utilities.

Another very critical aspect of this deregulation of the industry occurred in the newly approved legislative authorization of permitting the industry to make campaign contributions to members of Congress. This allowed a perfect alignment of the mutual interests of the industry with members of Congress, all now in a new environment free of regulatory oversight.22 Thus, in 1992, the potential for abuse was now put into place and needed only a few other conditions to occur in the ensuing years, which would pave the way for the Enron energy scandal. These subsequent conditions occurred in June 1996, with the Financial Accounting Standard Number 125 being issued and permitting Enron to "effectively book all the profit streams expected from a power plant purchase over the next several years in just one year." By buying up plants each quarter and declaring on its balance sheet the profits anticipated over the next several years, it could show quarterly profits, even if the plant failed to produce the profits in succeeding years or even failed entirely.23

In March 2000, after four years of litigation, the U.S. Supreme Court upheld the new regulations on transmission lines and the separation of both production and distribution, thus requiring transmission lines to be open to all and, in effect, increasing the value of long distance wheeling on our nation's electrical grid system. Electricity trading increased beyond belief, and wholesale dealers like Enron were able to capitalize on purchasing electricity from the generators at the lowest cost and selling to the distributor at the highest cost. Enron was actually performing in the role of an arbitrage wholesaler, in a totally unregulated market, and these three major conditions cost the rate payers of California over $30 billion and numerous blackouts and brownouts.24

Perhaps the irony of our efforts to deal with our nation's most important infrastructure, namely, our electrical grid system, is that it proved to be more vulnerable to those who were entrusted with this system than to the very terrorists we are seeking protection from. In other words, our government officials who carelessly introduced the deregulation environment for our nation's most critical resource and the corporations and executives who exploited this system to enrich their own profits and corporate bonus packages all created an environment that resulted in damages of between $30 billion and $100 billion to the citizen rate payers of our nation.

No recorded terrorist activity has cost as much or done as much damage as the thoughtless actions of Enron corporate executives and the careless regulatory performance of duties by government officials. Thus, we have learned that our critical infrastructures must be protected not only from terrorists but also from the very people we entrust to regulate and protect our valuable resources.

Our nation's energy infrastructure is dependent also on our ability to manage our oil and natural gas sector. Our economy is dependent on a cost-effective system of oil production, refining, distribution, and transportation of this critical product. Our nation's ability to transport crude oil is based on over 160,000 miles of pipelines, storage terminals, and a refinery system, which includes more than 160 oil refineries that range in the capability of producing between 5000 and 500,000 barrels per day. While our nation has over 600,000 oil wells, we must still import oil to manage the demands from our citizens and corporations. In fact, oil products provide 97% of the energy used in our transportation sector.

The natural gas industry is a vast network of privately owned and operated gas wells, numbering in excess of 275,000 wells, 278,000 miles of natural gas pipelines, and more than 1,119,000 miles of natural gas distribution lines. This system was created to meet market demand and to maintain safety, and while vandalism was taken into account, the system, like so many other parts of our infrastructure, was not designed to withstand a terrorist attack.25 Because natural gas provides over 25% of residential and industrial energy needs, it is a critical portion of our nation's energy infrastructure.

Altogether, our nation's electrical grid system and our oil and natural gas systems are all critical to the total functioning of almost every aspect of our economy, and any disruption in these services for even a few days could have enormous consequences. The potential range of targets for these systems is enormous, both in terms of geographic issues and the complex interdependencies that require coordinated system-to-system interface.

Another important aspect to consider in protecting these systems from terrorist targeting opportunities is to acknowledge how totally dependent each of these industries is on cyber computer systems. Since these industries have not yet experienced sophisticated cyber attacks, they have not fully integrated computer security and intrusion analysis programs to offset and protect themselves from this type of terrorist targeting.

Transportation

Our nation's multiple forms of transportation systems have provided not only great convenience to our citizens but also an important and indispensable service to our economic system. Virtually all of our nation's infrastructure components rely on our transportation systems to provide delivery of either the resources they require or the resources they produce.

Our highway system has been constructed in a pattern of interconnected state and local roads, which include over 4 million miles of paved highway. These roads intersect with over 45,000 miles of interstate highway and toll ways, and included in this system are more than 600,000 bridges. In addition to our highway system, our nation also depends on our railroad network, which extends over 300,000 miles for freight traffic, and a commuter rail system, which covers over 10,000 miles of rail. Another important feature of our nation's transportation system is the 500 commercial service airports and the 14,000 general aviation airports, all providing commercial service to the many components of our nation's infrastructure system.26

While our country has invested over $25 billion in protecting our nation's aviation system since the 9/11 attacks, we have not been able to match this investment strategy in other important parts of our infrastructure. For example, Stephen Flynn reports on the 12,000 miles of our inland waterway system, which includes such important rivers as the Mississippi and Ohio River waterways, where barge traffic becomes a very cost-effective form of commercial transportation. A single barge can move the same amount of cargo as 58 trucks at one-tenth the cost, resulting in an annual transportation cost savings to shippers of over $7.8 billion. Of the 257 locks along our inland waterway interstate navigation system, 30 were constructed in the 19th century, and another 92 locks are more than 60 years old on an average planned life span of 50 years. We have over a $600 million backlog in maintenance projects and a need to invest over $5 billion just to keep the system operational.27

Our inland waterway system is also critical to the movement of hazardous chemicals, thus providing a safety factor to what would ordinarily travel on our highway system. Also, the coal and fossil fuel that the nation's power generation plants require to produce our electricity can be transported in greater volume and at less cost on our waterway system, as opposed to highway traffic, further reducing the cost of electrical power both to residential and commercial users.

Our railroad system, which transports both freight and passengers, also factors into public safety issues and concerns. The railroad freight system carries a large volume of chemicals such as chlorine gas and other materials, which have the potential for being quite hazardous should an accident occur or should they become a terrorist target. Because trains carry more than 40% of all intercity freight, they also remove many of these chemicals that would otherwise be transported over our highway system. When one factors in the movement of 20 million intercity travelers using our railroad system annually and the 45 million passengers who ride our trains and subways operated by local transit authorities, we experience different safety vulnerabilities. Because this volume of passenger traffic cannot be screened for potential weapons as we screen airline passengers, as a nation, we realize a tradeoff in safety for the necessity of managing a system that must move a large volume of passenger traffic at peak travel times while minimizing disruption of boarding and disembarking of these rail and subway systems.

Our maritime shipping infrastructure, which includes 361 seaports, as well as our coastal and inland waterway system and the numerous locks, dams, and canals, provides a very complex system to protect, given both the range of cargo ships and the incredible volume of cargo that passes through our ports.

Port security is an especially vulnerable part of our nation's infrastructure with the advent of modern container shipping practices, which are capable of very sophisticated loading of containers on ships and in which the speed at which the containers are loaded and unloaded leaves little time for the inspection of the cargo loaded within each container. In fact, the number of containers that entered the United States in 2004 exceeded 9 million containers, and 95% of these containers were not inspected. These 40-foot containers have the potential of becoming our "21st century Trojan Horse," as they could be loaded with Weapons of Mass Destruction (WMD) or explosives that could easily pass through our port inspection system without notice.

The government's Container Security Initiative, under which cargoes are to be inspected in foreign ports before departing for the United States, is an ideal plan and program; however, it does require a close and very cooperative program with foreign countries to ensure tamper-proof containers. It also will require that the shippers make the appropriate technical modifications so that their containers are tamper proof. The security requirements for providing safety assurance to our U.S. ports will cost over $7.5 billion over the next ten years.28

It is quite obvious how important our nation's transportation system is to our economy and to our safety. The challenge in protecting our citizens and these transportation systems will require enormous efforts in research to develop new methods of protection.

Telecommunications

Our nation's telecommunications industry has, over the years, consistently provided reliable, robust, and secure communications that have resulted in our economic prosperity and national security. Our Department of Defense, as well as our federal, state, and local justice agencies, is dependent on the communications capabilities provided by a number of excellent telecommunications firms and companies. Moreover, our nation's economic strength is built on a solid base provided by our telecommunications sector, since all businesses and commercial enterprises rely on our ability to communicate with their customers.

Our telecommunications infrastructure is similar to our energy and electrical grid infrastructure, in that any damage to it would create a cascading impact on other multiple infrastructures because the requirement for fast, secure communication channels and capabilities is implicit in most other infrastructures. As a consequence, the government and the telecommunications industry must often work collaboratively to build and maintain a resilient and secure industry, capable of protecting its widely dispersed critical assets.

The telecommunications sector provides voice and data service to public and private users through a complex and diverse public-network infrastructure encompassing the Public Switched Telecommunications Network (PSTN), the Internet, and private enterprise networks. The PSTN provides switched circuits for telephone, data, and leased point-to-point services. It consists of physical facilities, including over 20,000 switches, access tandems, and other equipment. These components are connected by nearly two billion miles of fiber and copper cable.29

The advances in data network technology accompanied by the incredible demand for data services have resulted in the worldwide proliferation and use of the Internet. While the PSTN remains the backbone of this important infrastructure, the cellular, microwave, and satellite technologies all provide gateways into this very complex system. Because of the convergence of traditional circuit switched networks with the broadband packet-based Internet protocol networks, the telecommunications infrastructure is undergoing a rather significant transformation, which will ultimately lead to the Next Generation Network (NGN).

This convergence, along with the growth of the NGN and the emergence of wireless capabilities, continues to provide challenges to our telecommunications industry and to our government. The evolving new infrastructure must remain reliable, robust, and secure.30

The telecommunications infrastructure is a very clear target of terrorist organizations. As such, the government has definite responsibility to work with the industry to help ensure its protection. At the same time, the government depends on the cooperation of the industry to obtain electronic evidence of terrorist cell activity. The delicate nature of legally acquiring such evidence is of importance to both the industry, which seeks protection from legal lawsuits and liability, and the government, which seeks legal justification to both continue electronic searching as well as use such material in subsequent litigation against terrorist members and organizations. Because of the realities of both cyber and physical threats to our nation and the telecommunications industry, the government must work with the industry to understand our vulnerabilities and develop countermeasures, and establish policies, plans, and procedures that will result in the mitigation of these risks.

The attack on our World Trade Center and the Pentagon on September 11, 2001, revealed the rather substantial threat that terrorism poses to our infrastructure, yet the telecommunications infrastructure demonstrated great resiliency, as damage to telecommunications assets at the attack sites was offset by a diverse, redundant, and multifaceted communication capability. Nevertheless, in the future, it is quite apparent that a terrorist attack targeting our telecommunications infrastructure as well as another infrastructure or target in a simultaneous manner would have a most profound impact on our nation. Therefore, we can anticipate that our telecommunications infrastructure will be a more focused target of terrorists in future attempts to attack our nation.

2.4.3 R&D in Support of Our Nation's Critical Infrastructures

On the basis of the government's identification of our nation's critical infrastructure, the Executive Office of the President and the OSTP developed a research plan structured around nine science, engineering, and technology themes that would support all of the critical infrastructure sectors previously enumerated. The nine focused areas to encourage R&D for the critical infrastructure sectors are as follows:

  • Detection and sensor systems
  • Protection and prevention
  • Entry and access portals
  • Insider threats
  • Analysis and decision support systems
  • Response, recovery and reconstitution
  • New and emerging threats and vulnerabilities
  • Advanced infrastructure architectures and systems design
  • Human and social issues31

By mapping the long-term overarching goals to five science, engineering, and technology themes, the following R&D priorities were created:

1. Improve sensor performance
–Develop technology to detect unexploded ordnance.
–Develop a real-time global positioning system synchronized for electrical grid monitoring.
–Improve sensor arrays and improve explosive and radiological detection.
–Improve sensors for detection of tampering with water systems and building, heating, ventilation and air-conditioning (HVAC) systems.
–Improve SCADA security for water systems and HVAC systems.

2. Advance risk modeling, simulation, and analysis for decision support
–Standardize vulnerability analysis and risk analysis of critical infrastructure sectors.
–Conduct quantitative risk assessments to better quantify terrorism risks to the critical infrastructure sectors.

3. Improve cybersecurity
–Develop new methods for protection from, automated detection of, response to, and recovery from attacks on critical information infrastructure systems.
–Foster migration to a more secure Internet infrastructure.

4. Address the insider threat
–Improve technologies such as intent determination and anomalous behavior monitoring for insider threat detection, covering physical and cyber infrastructure.

5. Improve large-scale situational awareness for critical infrastructure
–Define the communication and computing system architecture needed to create a national common operating picture of the nation's critical infrastructures.32

About the Book

From Cybersecurity: Protecting Critical Infrastructures from Cyber Attack and Cyber Warfare by Thomas A. Johnson; ISBN 978-1-4822-3922-5. CRC Press, 2015.


© Copyright 2015 Auerbach Publications