Date: 2021-10-05



The critical infrastructure that Americans rely on every day for electricity, transportation, water, connectivity, etc. faces a perfect storm of vulnerabilities.

As seen in the recent Colonial Pipeline attack, the range and sophistication of threats is increasing. These include disruptions to positioning, navigation and timing (PNT) systems such as GPS, concerns about the impact of electromagnetic pulse attacks on electrical grids and equipment, and the recent hacking of industrial control systems for the municipal water service in Oldsmar, Florida. Meanwhile, the attack surface itself is expanding exponentially with the move to classify space assets (satellites, sensors, and command and control systems) as critical infrastructure.

But we see government agencies responding in a myriad of important and influential ways. In the last year alone, the Department of Homeland Security’s Science and Technology Directorate released PNT resources and algorithms to protect against GPS spoofing. The Department of Energy has launched a 100-day plan for DOE, the power industry, and the Cybersecurity and Infrastructure Security Agency to enhance cybersecurity in utilities’ industrial control systems (ICS) and the energy sector supply chain. Space Policy Directive-5 also gives DHS and CISA a leading role in strengthening cyber defenses for key systems used for global communications, navigation, weather monitoring, and other critical services. These developments build on and reinforce EO 13865, which establishes the resilience and security standards of critical US infrastructure as a national priority.

While we’re on the right track, what follows is an overview of why critical infrastructure is so vulnerable today, why it’s so difficult to protect, and how federal IT leaders and infrastructure managers need to use digital transformation, especially data, analytics, and smarter portfolio management, to build more resilience and maintain this momentum.

Innovation spurs confusion

When government agencies connect systems and adopt new technologies, they face a security Catch-22. For example, consider a smart building. Smart buildings connect the physical and digital worlds through a web of digitally enabled devices, networks and applications. They combine key features of connectivity, automation, open architecture, and interoperability for buildings, businesses, and their occupants.

However, because organizations connect these systems to IP networks, external access, and the cloud, hackers can shut down the entire business. For example, manipulating heating or cooling in a temperature-sensitive location can shut down critical temperature or power management functions in a data center, disrupt IT equipment, and take business-critical applications offline.

What does such an attack actually look like? In one example, a security researcher hacked a building control system at a large internet search provider and gained administrative access to the building's digital control panel. In another case, a security consultant was able to control all the rooms in a Chinese hotel, a situation that a malicious attacker could use for actions such as manipulating control systems or stealing guest data.

Buildings are not the only ones at risk. Consider valuable monitoring and targeting data collected by marine vessel sensors. Attacks on networks to steal sensitive information are becoming more widespread and sophisticated. PNT solutions that support cargo ships in transit are another area of potential attack.

Five years have passed since an unknown cyber force first disrupted the operation of the energy grid, causing power outages for more than 225,000 Ukrainian customers. The incident affected operators in the power sector, but the tactics could have been easily implemented in any sector of energy, transportation, telecommunications, or even space.

Electronic warfare also threatens physical infrastructure. Consider, for example, what happened with Dyn, a domain name system provider in Europe and North America: an attacker could gain unauthorized access to Internet-connected physical security systems to enable dynamic attacks, or to destroy cameras, digital recorders, printer systems and the like.

A new approach to portfolio management

At the same time, federal agencies face many portfolio management challenges related to critical infrastructure. Fragmented ownership is one. Water system infrastructure may be partly owned by the government, partly by a private partner, and partly by the owner / operator. Who is responsible for cybersecurity and other threat protection? How can all parties work together towards the resilience of the entire system?

Given these complexities, government agencies need to take a flexible and adaptable approach to technology development, procurement and maintenance, working across silos and on systems as a whole.

The nature of operational technology (OT) presents another challenge. For example, many ICS systems were originally built with a focus on reliability and safety rather than cybersecurity. In addition, OT systems, unlike traditional IT systems, cannot be taken offline for extended periods of time for vulnerability testing, patching, or risk assessment.

Expertise can facilitate the process. An interdisciplinary team of ICS and security experts, risk assessors, and others can significantly reduce the time needed to perform a full range of FISMA-compliant cybersecurity assessments, from four to six months to one to two months, and even to a month.

Such expertise can also be useful in monitoring the threat landscape. Teams with in-depth knowledge of how OT and ICS systems are designed, how they work together, and which vulnerabilities attackers can exploit are more likely to know what problems to look for and the best way to fix them. Open source intelligence gathering, reverse engineering of attack vectors, and in-depth analysis of the incidents associated with an attack yield important insights into the location of the attack, the person who performed it, and the mitigations needed to strengthen the security regime.

Make innovation part of the solution

Just as advanced technology raises the threat to critical infrastructure, digital innovations to protect these critical assets are coming to the fore. For example, GPS and the supervisory control and data acquisition (SCADA) systems used to monitor and control ICS are both essential to power networks and transmission. Tools such as wargaming and strategic simulation can be used to enhance the protection of SCADA systems and to help the System Program Office modernize and enhance GPS systems to improve resilience to disruption.

New technologies will also help design and build a more resilient infrastructure for the future and optimize resources in this quest. In the case of space systems, the concept of digital twins, a kind of mirror model that synchronizes physical objects with their cyber representations, allows organizations to test satellites in a variety of scenarios to identify vulnerabilities and develop protection strategies.

In the fields of engineering and construction, advanced technologies such as drones, LiDAR and IoT systems are increasingly being applied to generate rich data streams that improve the efficiency and accuracy of planning, design, construction and maintenance. As these methods evolve and transform traditional architectural engineering methods, AI will use this data to provide normative guidance to planners and portfolio managers, making real-time, autonomous management of critical infrastructure possible. Applied to total cost management best practices, this has given rise to total cost management analytics and machine-guided analysis. These can overhaul traditional construction and maintenance processes, allowing agencies to do more with less effort.

Just as digital transformation threatens the security of buildings, power grids, satellite systems, etc., innovation can also be used to build resilience. These are just some of the ways data, analytics, and new technologies can help protect a country’s vast and ubiquitous critical infrastructure, but they still need to be implemented to protect some of its most important and vulnerable assets.

Steve Buchanan is the principal of Booz Allen Hamilton.

