Infrastructure security

Infrastructure security is the security provided to protect infrastructure, especially critical infrastructure, such as airports, highways, [1] rail transport, hospitals, bridges, transport hubs, network communications, media, the electricity grid, dams, power plants, seaports, oil refineries, liquefied natural gas terminals [2] and water systems. Infrastructure security seeks to limit vulnerability of these structures and systems to sabotage, terrorism, and contamination. [3]

Critical infrastructures naturally utilize information technology as this capability has become more and more available. As a result, they have become highly interconnected and interdependent. Intrusions and disruptions in one infrastructure might provoke unexpected failures in others, which makes handling interdependencies a key concern. [4]

There are several examples where an incident at one critical infrastructure site affects others. For example, in 2003, the Northeastern American areas experienced a power outage that appears to have originated in the Midwest, and possibly from a tree branch. [5] In 2013, damage caused by a sniper attack at an electrical substation in California threatened power distribution throughout Silicon Valley. [6] The 2020 Nashville bombing caused telecommunications outages in several states.

Potential causes of infrastructure failure

Critical infrastructure is vital for the essential functioning of a country. Incidental or deliberate damage will have a serious impact on the economy as well as on the provision of essential services to the communities it serves. There are a number of reasons why infrastructure needs to be heavily secured and protected.

Security challenges for the electricity infrastructure

Electrical power systems are one of the fundamental foundations of modern society. An intentional disruption of electricity supplies would affect national security, the economy, and every person's life. Because power grids and their sources are widely dispersed, this is a challenge for the effectiveness of defensive organizations and structures. [7]

Sabotage can damage electrical sources for the power grid, including civilian nuclear power stations. Sabotage in the form of cyberattacks can create havoc with computer, communication, and information systems, which could severely interrupt the electrical supply. This in turn can cause major disruptions to other infrastructure components of society. Comprehensive defense plans are proposed. [4]

One method is to isolate load systems. Sophisticated defense systems should be wide-area, real-time protection, with control systems that are alerted and guided by sensing technologies. Communication and information must be capably routed. [4]

Remedies

Many countries have established government agencies to directly manage the security of critical infrastructure, usually through the Ministry of Interior/Home Affairs, dedicated security agencies that protect facilities, such as the United States Federal Protective Service, and dedicated transport police, such as the UK's British Transport Police and the Amtrak Police in the United States.

A number of government organizations focus on infrastructure security and protection. In the USA, the Technical Support Working Group has the Infrastructure Protection Subgroup. The UK has the National Infrastructure Security Co-ordination Centre.

Critical infrastructure sites may deploy perimeter intrusion detection systems, video surveillance, access control and other security systems to detect and respond to intruders and other security events. Meanwhile, maritime and offshore critical infrastructure sites can benefit from the deployment of satellite imagery, sensors, advanced patrol aircraft, autonomous underwater vehicles and anti-drone capabilities, among other solutions. [8]

Related Research Articles

National security: Security and defence of a nation state

National security, or national defence, is the security and defence of a sovereign state, including its citizens, economy, and institutions, which is regarded as a duty of government. Originally conceived as protection against military attack, national security is widely understood to include also non-military dimensions, such as the security from terrorism, minimization of crime, economic security, energy security, environmental security, food security, and cyber-security. Similarly, national security risks include, in addition to the actions of other nation states, action by violent non-state actors, by narcotic cartels, organized crime, by multinational corporations, and also the effects of natural disasters.

Power outage: Loss of electric power to an area

A power outage is the loss of the electrical power network supply to an end user.

Cyberterrorism is the use of the Internet to conduct violent acts that result in, or threaten, the loss of life or significant bodily harm, in order to achieve political or ideological gains through threat or intimidation. Acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet, by means of tools such as computer viruses, computer worms, phishing, malicious software, hardware methods, and programming scripts can all be forms of internet terrorism. Cyberterrorism is a controversial term. Some authors opt for a very narrow definition, relating to deployment by known terrorist organizations of disruption attacks against information systems for the primary purpose of creating alarm, panic, or physical disruption. Other authors prefer a broader definition, which includes cybercrime. Participating in a cyberattack affects the terror threat perception, even if it isn't done with a violent approach. By some definitions, it might be difficult to distinguish which instances of online activities are cyberterrorism or cybercrime.

A rolling blackout, also referred to as rota or rotational load shedding, rota disconnection, feeder rotation, or a rotating outage, is an intentionally engineered electrical power shutdown in which electricity delivery is stopped for non-overlapping periods of time over different parts of the distribution region. Rolling blackouts are a last-resort measure used by an electric utility company to avoid a total blackout of the power system.

Transmission system operator

A transmission system operator (TSO) is an entity entrusted with transporting energy in the form of natural gas or electrical power on a national or regional level, using fixed infrastructure. The term is defined by the European Commission. The certification procedure for transmission system operators is listed in Article 10 of the Electricity and Gas Directives of 2009.

Cyberwarfare: Use of digital attacks against a nation

Cyberwarfare is the use of cyber attacks against an enemy state, causing comparable harm to actual warfare and/or disrupting vital computer systems. Some intended outcomes could be espionage, sabotage, propaganda, manipulation or economic warfare.

U.S. critical infrastructure protection

In the U.S., critical infrastructure protection (CIP) is a concept that relates to the preparedness and response to serious incidents that involve the critical infrastructure of a region or the nation. The American Presidential directive PDD-63 of May 1998 set up a national program of "Critical Infrastructure Protection". In 2014 the NIST Cybersecurity Framework was published after further presidential directives.

Energy security: National security considerations of energy availability

Energy security is the association between national security and the availability of natural resources for energy consumption. Access to cheaper energy has become essential to the functioning of modern economies. However, the uneven distribution of energy supplies among countries has led to significant vulnerabilities. International energy relations have contributed to the globalization of the world leading to energy security and energy vulnerability at the same time.

Smart grid: Type of electrical grid

A smart grid is an electrical grid which includes a variety of operation and energy measures including:

DHS Infrastructure Protection and Disaster Management Division

The Infrastructure Protection and Disaster Management Division (IDD) is a division of the Science and Technology Directorate of the United States Department of Homeland Security. Within the Homeland Security Advanced Research Projects Agency, IDD develops technologies to improve and increase the United States' strategic preparedness response to natural and man-made threats through situational awareness, emergency response capabilities, and critical infrastructure protection.

Cyberwarfare by Russia includes denial of service attacks, hacker attacks, dissemination of disinformation and propaganda, participation of state-sponsored teams in political blogs, internet surveillance using SORM technology, persecution of cyber-dissidents and other active measures. According to investigative journalist Andrei Soldatov, some of these activities were coordinated by the Russian signals intelligence, which was part of the FSB and formerly a part of the 16th KGB department. An analysis by the Defense Intelligence Agency in 2017 outlines Russia's view of "Information Countermeasures" or IPb as "strategically decisive and critically important to control its domestic populace and influence adversary states", dividing 'Information Countermeasures' into two categories of "Informational-Technical" and "Informational-Psychological" groups. The former encompasses network operations relating to defense, attack, and exploitation and the latter to "attempts to change people's behavior or beliefs in favor of Russian governmental objectives."

Cyberwarfare is the use of computer technology to disrupt the activities of a state or organization, especially the deliberate attacking of information systems for strategic or military purposes. As a major developed economy, the United States is highly dependent on the Internet and therefore greatly exposed to cyber attacks. At the same time, the United States has substantial capabilities in both defense and power projection thanks to comparatively advanced technology and a large military budget. Cyber warfare presents a growing threat to physical systems and infrastructures that are linked to the internet. Malicious hacking from domestic or foreign enemies remains a constant threat to the United States. In response to these growing threats, the United States has developed significant cyber capabilities.

Paul N. Stockton

Dr. Paul N. Stockton is the President of Paul N Stockton LLC, a strategic advisory firm in Santa Fe, NM. From 2009-2013, Dr. Stockton served as Assistant Secretary of Defense for Homeland Defense and Americas' Security Affairs, where he helped lead the Department's response to Hurricane Sandy. He was responsible for Defense Critical Infrastructure Protection, Western Hemisphere security policy, domestic crisis management, continuity of operations planning, and a range of other responsibilities. While Assistant Secretary, Dr. Stockton also served as Executive Director of the Council of Governors. After serving as Assistant Secretary, Dr. Stockton was the Managing Director of Sonecon LLC, an advisory firm in Washington, DC, from 2013-2020.

Cyberattack: Attack on a computer system

A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, personal computer devices, or smartphones. An attacker is a person or process that attempts to access data, functions, or other restricted areas of the system without authorization, potentially with malicious intent. Depending on the context, cyberattacks can be part of cyber warfare or cyberterrorism. A cyberattack can be employed by sovereign states, individuals, groups, societies or organizations and it may originate from an anonymous source. A product that facilitates a cyberattack is sometimes called a cyber weapon. Cyberattacks have increased over the last few years. A well-known example of a cyberattack is a distributed denial of service attack (DDoS).

On December 23, 2015, the power grid in two western oblasts of Ukraine was hacked, which resulted in power outages for roughly 230,000 consumers in Ukraine for 1-6 hours. The attack took place during the ongoing Russo-Ukrainian War (2014-present) and is attributed to a Russian advanced persistent threat group known as "Sandworm". It is the first publicly acknowledged successful cyberattack on a power grid.

Electrical disruptions caused by squirrels: Events and circumstances in which squirrels have caused major power outages

Electrical disruptions caused by squirrels are common and widespread, and can involve the disruption of power grids. It has been hypothesized that the threat to the internet, infrastructure and services posed by squirrels may exceed that posed by cyber-attacks. Although many commentators have highlighted humorous aspects of the concern, squirrels have proven consistently able to cripple power grids in many countries, and the danger posed to the electrical grid from squirrels is ongoing and significant. This has led to tabulations and maps compiled of the relevant data.

Electric grid security in the US refers to the activities that utilities, regulators, and other stakeholders undertake in securing the national electricity grid. The American electrical grid is going through one of the largest changes in its history, which is the move to smart grid technology. The smart grid allows energy customers and energy providers to more efficiently manage and generate electricity. Similar to other new technologies, the smart grid also introduces new concerns about security.

A cyberattack happened in the Ukrainian capital Kyiv just before midnight on 17 December 2016, and lasted for just over an hour. The national electricity transmission operator Ukrenergo said that the attack had cut one fifth of the city's power consumption at that time of night.

Electrical grid security in the United States involves the physical and cybersecurity of the United States electrical grid.

Power resilience refers to a company's ability to adapt to power outages. Frequent outages have forced businesses to take into account the "cost of not having access to power" in addition to the traditional "cost of power". Climate-related issues have intensified the attention on energy sustainability and resilience. In the United States, electric utility firms have registered over 2500 significant power outages since 2002, with almost half of them attributed to weather events, including storms, hurricanes, and other unspecified severe weather occurrences. These incidents often lead to significant economic losses.

References

  1. "TSA: Highways". Archived from the original on 2008-12-02. Retrieved 2008-12-07.
  2. Trakimavicius, Lukas. "Required: Sentinels for Europe's Maritime Lifelines". Center for European Policy Analysis. Retrieved 2023-07-26.
  3. "TSA | Who We Are". Archived from the original on 2008-12-16. Retrieved 2008-12-07.
  4. Li, Hao; et al. (May 2005). "Strategic Power Infrastructure Defense" (PDF). Proceedings of the IEEE. 93 (5): 918–933. doi:10.1109/JPROC.2005.847260. S2CID 3242429. Retrieved 2009-11-07.
  5. "Archived copy". Archived from the original on 2015-12-30. Retrieved 2009-10-25.
  6. Martinez, Michael (8 February 2014). "Sniper fire on Silicon Valley power grid spurs ex-regulator's crusade". CNN. Retrieved 2020-01-27.
  7. Massoud, Amin (April 2002). "Security Challenges for the Electricity Infrastructure (Supplement to Computer Magazine)". Computer. 35 (4): 8. doi:10.1109/MC.2002.10042.
  8. Trakimavicius, Lukas. "Required: Sentinels for Europe's Maritime Lifelines". Center for European Policy Analysis. Retrieved 2023-07-26.