Page 136 - Cyber Terrorism and Extremism as Threat to Critical Infrastructure Protection
P. 136
SECTION II: CYBER TERRORISM AND SECURITY IMPLICATION FOR CRITICAL INFRASTRUCTURE PROTECTION
cies provide the vectors for the transmission of risks, vulnerabilities and threats, not just those
stemming from the security environment, but also those created through interactions between
the infrastructures or infrastructure components, leading to complexity and unanticipated sys-
tem behaviours (Keating et al, 2014).
The Covid-19 pandemic of 2020, especially, has highlighted the interdependencies of several
categories of critical infrastructure, with the inadequacy of the critical health infrastructures
and the attendant emergency measures having an impact on most facets of social life and the
economy, which can be conceptualized as transport infrastructure, food supply infrastructure,
financial infrastructure and so on, as well as the cross-border impact of infrastructure disrup-
tion, either partial or total. It has also highlighted the potential of physical, cyber, or supply
chain attacks on health infrastructure to disrupt the normal functioning of society and to ag-
gravate ongoing crises.
The ambiguity and uncertainty of complex systems constitutes a challenge for owners/opera-
tors and for state authorities. The materialization of an event which leads to a crisis can lead to
disruptions propagating throughout an entire system, in ways both expected and unexpected,
due to the “fortuitous alignment of breakages” and other factors enabling rapid transmission
(Pescaroli & Alexander, 2016). These factors include a lack of system adaptability, insuffi-
cient margins, lack of substitution in resources, lack of flexibility, lack of reserves, and often
stem not from system failure, but from the results of desired efficiencies and costs savings.
The resulting phenomenon leads to the prolongation and aggravation of crises, as well as to
unexpected escalations and other interactions, both within national borders, and also beyond
them (Pescaroli & Alexander, 2016).
Critical infrastructure is naturally vulnerable to deliberate disruption. Terrorists may themselves
use an intuitive or even a professional version of criticality theory to plan their actions so they
can generate the maximum impact (short, medium and long-term) with the least costs or few-
est risks of failure. The targeting of critical infrastructure is also becoming a preferred activity
of state-sponsored actors, as a means of hybrid warfare disrupting both civilian and military
infrastructure, and placing pressures on the target society’s economy, civil society and politics.
It therefore becomes a supremely useful means of coercion against a rival or an adversary, who
must act to reduce the vulnerability to these methods. This may serve as a preamble to a clas-
sic conventional military conflict, or as a strategy to avoid conventional warfare and an armed
response through plausible deniability and measures below the threshold of war.
The SEE region features several characteristics, from a CI point of view, which impact the
security environment:
• A heterogeneity of state entities when it comes to resources, government capacity and
membership in CIP-relevant international organizations (the EU, NATO etc.);
• In the case of former Communist nations, a lack of basic infrastructure for modern eco-
nomic processes, and the advanced decay of the existing, often extensive, infrastructure,
which is often nearing the end of its planned lifespan;
• A weaker institutional capacity, with low levels of trust and social capital, affecting the
positive cooperation between state authorities and local communities or between busi-
ness organizations (the majority or plurality of CI operators) and the authorities;
• A drive for catch-up growth which prioritizes speed over security, and leads to differenc-
es in the rates of advancement between profit and efficiency-oriented actors and security-
oriented authorities. The CI inventory develops more rapidly than the state capacity to
136
