The critical infrastructure of the United States includes all those systems and assets that are essential to the proper functioning, economy, health, and safety of American society. The roads and railways that we travel on; the Internet and the mobile networks that connect us; the water that we drink; the healthcare, financial services and security that we depend on; and the electricity that lights our world — essentially, all we consider vital for our routine lives relies on the critical infrastructure that supports these sectors. 

So, what happens if this critical infrastructure becomes the target of a planned cyber disruption? Life as we know it could come to a halt. Such cyber attacks could have grave implications whether they threaten citizens’ lives or a state’s sovereignty.

What Makes Critical Infrastructure So Vulnerable?

There are 16 major sectors considered critical by the Department of Homeland Security (DHS). Despite the increasing digitization, most sectors still rely heavily on legacy systems. This presents threat actors with a unique opportunity to bank on the vulnerabilities of decades-old infrastructure components.

In addition, a significant portion of the U.S. critical infrastructure is owned and operated by the private sector. This means that cybersecurity can become less of a priority than that of maximizing corporate profits. Most companies also outsource functions that are not part of their core competencies. This results in a complicated mesh of technologies and services, increased attack surfaces and loss of visibility and control. For smaller companies, lack of budget and cybersecurity expertise is yet another issue.

Importance of Threat Prevention in Critical Infrastructure Sectors

Security experts have repeatedly warned about the possibility of Supervisory Control And Data Acquisition (SCADA) attacks that can cause complete blackouts and worse. Advanced Persistent Threat (APT) hacker groups have become a virtual extension (Read more...)