Why Critical National Infrastructure Organizations Shouldn’t Overlook DDoS Attacks
On the 1st of November the Department of Homeland Security kicked off its National Critical Infrastructure Security and Resilience Month. The month is aimed at raising awareness on the security issues which surround our critical national infrastructure and providing organizations with best-practice advice on ways to help keep these systems safe from physical and cyber security threats.
Critical national infrastructure forms the backbone of our nation and the term is often used to collectively describe assets which are essential to the normal functioning of society, for instance gas, water, electricity, telecommunications and transport networks.
Historically the industrial control networks running critical national infrastructure were air-gapped, which meant that they were never accessible to anyone outside secured facility walls, however, as with many legacy systems, the introduction of Internet connectivity has significantly changed this aspect of safety through physical isolation.
Today, when looking for potential threats to the critical national infrastructure, we are quickly aware that there any many options for the would-be attacker to choose from. Alongside the traditional opportunity to gain physical access to these systems to commit sabotage, they can also rely on a wide array of digital exploits like phishing scams, malware infections or ransomware to launch damaging attacks.
Amongst the cyber threats that could be devastating to critical national infrastructure are DDoS attacks. A successful DDoS attack on critical national infrastructure could cause widespread disruption including large populations suffering major power outages, significant business or market disturbance, life threatening emergency service outages and long term economic damage.
The Consequences of DDoS Attacks on Critical Infrastructure
When somebody turns on their gas to their cooker or fills up a glass of water from the tap, they likely do not have routine thoughts about where these every day commodities come from. But they would certainly notice if their supply was suddenly interrupted. If a DDoS attack were to successfully impact a piece of the nation’s critical national infrastructure this scenario could very much become a reality at the hands of unknown bad actors.
Because of the nature of DDoS attacks, they can be extremely disruptive to critical national infrastructure services. If a critical infrastructure organization was knocked offline for just ten minutes, it could significantly impact the delivery of the associated essential services for hours or even days.
However, one of the key challenges with securing the critical national infrastructure is down to education. Cyberattacks targeting critical infrastructure are relatively new and something which organizations running these systems have not typically encountered before. Therefore, government campaigns, like the one running this month, should be seen as a positive move and will help drive awareness, resulting in positive changes to the security posture of these important infrastructure services.
It should be acknowledged that there is one critical national infrastructure sector that is leading the way in terms of improved resilience and security and can be used as a good role model, Telecommunications! In the last year, the overall down time due to unexpected or unwanted disruption has been manageable, and some of the sector’s infrastructure leaders such as Juniper Networks are taking innovative steps with leading security vendors like Corero Network Security to offer scalable solutions to further secure our national networks. This ultimately means that people should be able to more confidently rely on their phones to access emergency services like fire, ambulance or the police, or news and social services like CNN, Twitter or Facebook during any attacks on infrastructure services.
While critical national infrastructure has without a doubt become a potential target for attackers, there are many steps these organizations can take to boost their security. To keep up with the growing sophistication and organization of well-equipped attackers, and to comply with the government mandates to do so - it’s essential that these organisations consider deploying solutions to instantly and automatically detect and mitigate DDoS attacks and maintain comprehensive attack visibility across their interfaces to the Internet.