CASE 4: the DHS Critical Infrastructure 16 Sectors

Introduction

Hundreds of thousands of analog control systems in the Critical Infrastructure sector are being replaced with digital systems in today’s society. The digital systems provider managers with a remote control and visibility over several aspects of operations including generation and transmission of energy, temperature regulation in nuclear plans, flow and pressures in refineries flow and record of financial records. All these digitalized processes have made industrial and non-industrial activities more efficient. However, the digital connectivity used by managers to control data and activities in different sectors have become hot spots for cyber criminals. Cyber criminals use existing vulnerabilities to steal critical information, disrupt processes, and cause massive damages to equipments. Hackers, mainly from China, Middle East Countries, and Russia have undermined the America critical infrastructure several times recently (Traynor, 2007). While control breaches are common, industrial control systems have become avenues of targeted attacked by these skilled adversaries. Some of the most and least vulnerable sectors are discussed below.

Most vulnerable critical infrastructure sectors

1. The Healthcare and Public Health Sector

In America Healthcare and Public health sector is the most important sector today. The sector itself is large running from healthcare facilities to drug manufacturers and to insurance companies. Healthcare sector possess wealth of information beneficial to hospitals, insurance companies, government, and patients. The ability of healthcare professionals to access this information with ease makes it easy for health professionals to offer immediate assistance to patients and others in between. However, this information or data is what criminals need. Criminals use existing vulnerabilities to steal the same data and use them to commit fraud, data ransoming, financial crimes, corporate espionage, and even commit intentional disruption on the healthcare system to slow service delivery. These types of cyber attacks whenever they occur causes several impacts such as slow service deliver, loss of finances by insurance companies, and exposure of highly private and confidential information. Healthcare sector is currently improving its cyber security risk management and preparedness processes in order to manage such occurrences at its early stages (Espiner, 2008).

2. Financial service sector

The Financial Services Sector is a vital component of our nation’s critical infrastructure but remains one of the most breached sectors.  It has information that if breached accounts to massive loss not only to the financial sector but other intertwined sectors. The financial sector is largely dependent on other sectors such as the healthcare, energy, and transport and in the event of data breach risks affects all those in the equation. An attack on financial service sector leads to massive financial crimes, loss of private information, and intentional disruptions. In order to minimize or avoid financial service sabotage by criminals the sector constantly advises members to update their security protocol and systems in order to stay ahead of potential threats. Staff and customers are advised not to open suspicious emails as it exposes them to ransomware and other malicious software (Herzog, 2011).

3. Critical manufacturing sector

Critical manufacturing sector is currently among the most attacked sectors. The recent Industrial Control System modules of the HAVEX Trojan are an example of cyber attack on the manufacturing sector. This type of attack uses a malware to attack critical sectors and infringes itself on software’s updates distributed normally by control system manufacturers. When this malware gets to the desired network it collects information from the control devices and transfers it to cyber criminals. This type of attack in the critical manufacturing sector has resulted in massive theft of intellectual property and attack on various organizations’ production control systems. To prevent this and other threats the sector emphasizes on latest security systems and protocols and proper encryption of data in order to prevent access by third parties (Kushner, 2013).

Least Vulnerable Critical Infrastructure Sectors 

1. Dam Sectors

The Dam sector comprises navigation locks, dam projects, hurricane barriers, levees, and other water retention and control facilities. The projects mentioned herein does not bring massive benefits to attackers were they to attack the sector. In essence, the information is less beneficial as compared to committing cyber attack on financial sectors where one gets to access financial records, and other private information.

2. Water and Wastewater Systems Sector

Water and Wastewater system sector is least attacked by criminals because it does not have massive benefits as compared to other sectors such as financial sectors. Information and intellectual property that defines the system is less desirable for attackers and thus less beneficial. However, so attackers sabotage this sector mainly to slow down processes such as water supply and distribution to households. 

3. Chemical sector

Chemical facilities are full of dangerous substances but little moves have been made by criminals to disrupt this specific sector. This less attacks on the sector is because attackers have little to benefit from this sector. However, computers run chemical factories and attackers might use existing loopholes to slow processes or steal intellectual.

Conclusion

In conclusion, risk management in all these sectors in essential irrespective of how likely or unlikely it can be attacked. In some sectors no matter how effective risk management is the risk can never be eliminated completely and constant update of cyber security and cyber insurance becomes necessary. 

References

Armed Forces Communications and Electronics Association (AFCEA) (2008). The Russo-Georgian War 2008: The role of the cyber attacks in the conflict. Retrieved from http://www.afcea.org/committees/cyber/documents/TheRusso-GeorgianWar2008.pdf

Denial-of-Service: The Estonian cyberwar and its implications for U.S. National Security. International Affairs Review. (2016). Iar-gwu.org. Retrieved from http://www.iar-gwu.org/node/65.

Espiner, T. (2008). Georgia accuses Russia of coordinated cyberattack (2008). Retrieved from http://www.cnet.com/news/georgia-accuses-russia-of-coordinated-cyberattack/

Herzog, S. (2011). Revisiting the Estonian Cyber Attacks: Digital Threats and Multinational Responses. Journal of Strategic Security, 4(2), 49-60. Retrieved from http://scholarcommons.usf.edu/jss/vol4/iss2/4/?utm_source=scholarcommons.usf.edu%2Fjss%2Fvol4%2Fiss2%2F4&utm_medium=PDF&utm_campaign=PDFCoverPages

Kushner, D. (2013). The real story of Stuxnet. Retrieved from http://spectrum.ieee.org/telecom/security/the-real-story-of-stuxnet

Traynor, I. (2007). Russia accused of unleashing cyberwar to disable Estonia. The Guardian. Retrieved from http://www.theguardian.com/world/2007/may/17/topstories3.russia