Protecting Your Critical Infrastructure; Understanding the Cyberspace Threat
Not a week goes by now without some news article highlighting an organisation that has been impacted by a data breach. But still, far too few organisations understand the nature of the cyberspace threat, or indeed, how they can best protect themselves. This series will help explain the nature of the cyberspace threat, and also what you can do to protect your organisation.
The types of threats in cyberspace are, of course, numerous, varied and changing almost every hour, and can come from nation-states, organized cyber criminals, thieves interested in the monetary value from hacking the asset, industrial spies, hactivists and terrorists. However, the threat itself is often exacerbated - or indeed made real - only by personnel error or omission, in both the physical and cyber domains. Hence, a critical infrastructure can be damaged or incapacitated by a human simply making a mistake - such as leaving a vulnerability in some important security software - or by leaving a door or computer unlocked. Even though these sound like simple mistakes, at the right time and place a terrorist or cybercriminal can take advantage of the opportunity and cause serious damage.
The Verizon 2012 Data Breach Investigations Report reviewed over 855 data breaches across 174 million stolen records globally and found that in 2011, 58 percent of data stolen was attributed to hacktivism; 79 percent of attacks were opportunistic and of all attacks, 96 percent were not highly difficult, meaning they did not require advanced skills or extensive resources. Additionally, 97 percent of the attacks were avoidable, without the need for organizations to resort to difficult or expensive countermeasures.
Regarding physical attacks, the US Federal Bureau of Investigation (FBI) publishes an annual analysis of terrorist activities. In its recent 2011 report, it analyzed terrorist attacks globally; the FBI observed that over two-thirds of all terrorist attacks struck infrastructure or facilities. Of those, transportation assets and public places were the most frequent targets. Transportation facilities - such as vehicles, buses and transportation infrastructure - incurred damage in about 27 percent of the attacks while public places - including communal areas, markets, polling stations, religious institutions, schools and residences - incurred damage in about 21 percent of the attacks.
Overall, the main threats to critical infrastructure and key assets are cyber by quantity of attack vectors and frequency of attacks; however, physical attacks can certainly be the most damaging to the long-term operation of the facility or asset.
