Page 140 - Cyber Terrorism and Extremism as Threat to Critical Infrastructure Protection
SECTION II: CYBER TERRORISM AND SECURITY IMPLICATION FOR CRITICAL INFRASTRUCTURE PROTECTION
The current trends in the realm of cybersecurity, as evidenced by numerous studies in the field,
for example Coburn et al. (2019) and O’Gorman et al. (2019), show that there is an increase
in cybercrime that specifically targets critical infrastructure. Firstly, we have the exceptional
growth in supply chain attacks through specific means – 78% from 2017 to 2018 (O’Gorman
et al., 2019). Secondly, we have the various sector-based analyses which show that energy,
transport, public administration, finance and others are key targets for cyberattacks, either
motivated by profit, by ideology or by politics (Coburn et al., 2019).
At the same time, we are witnessing the potentially uncontrolled proliferation of cyber weapons
and the possibility of their modification to suit particular needs (Georgescu et al., 2019).
Even without the loss of state-sponsored cyber weapons, we are also witnessing a disconnect
between attacker and skill set. Previously, the attacker would need a specific skill set and
knowledge to succeed. Today, the commodification of malware and the mirroring of legitimate
business processes, such as the ability to purchase hacking services, DDoS attacks and
so on, have resulted in a wider range of potential attackers, “democratizing” cyber disruption,
whether coming from rivals, professional criminals, activists or even terrorists (Georgescu,
2018).
Every piece of critical infrastructure in an advanced nation is controlled partly or completely
through networked systems that enable specific functionalities and efficiencies involving data
management, feedback loops, information gathering and processing and coordination. Every
developing nation desires an infrastructure profile that ultimately increases the permeation
of its critical infrastructures by cyber. This means that exposure to cyber risks is growing
simultaneously with the growth in the number of attackers, their means and their potential
rewards from attacks.
These trends are exacerbated by paradigm shifts such as the Internet-of-Things with billions
of devices and sensors, ubiquitous computing, artificial intelligence and, least remarked of
all, the growth in the use of commercial-off-the-shelf solutions for complex and vulnerable
systems, such as industrial control systems and SCADA (Georgescu & Cîrnu, 2019). More
and more, even military technology and satellites (Falco, 2018) are based on
commercial-off-the-shelf technologies and software. Whereas previously a SCADA system would feature
proprietary equipment and software, dedicated communication lines and other advantages
that offered it “security by opacity” from attackers, today these systems and others rely on
internet connectivity, commercial sensors and equipment, and commercial software (Nazir
et al., 2017). This evolution was motivated by mounting costs and the desire to enable new
functionalities and efficiencies, but has resulted in this particular vulnerability. These evolutions
effectively applied the logic of rapidly replaced consumer goods and electronics to durable
goods and, increasingly, to complex systems whose lifespan is measured in decades. The
profusion of unpatched and unpatchable devices results in long-term vulnerabilities which
are inherent in the system until it is upgraded, a complex process which often results in the
layering of different generations of control systems in a way which may result in emergent
behaviours and new, non-deliberate threats, while also possibly giving rise to system exploits
which may be used by adversaries.
In conclusion, the cyber dimension of critical infrastructure has generated a persistent and
evolving security problem which facilitates terrorism and other forms of deliberate disruption,
and which must be addressed through systemic resilience.