Cybersecurity for Critical Infrastructure Protection Essay
Cybersecurity entails safeguarding computer networks and the information they carry from unauthorized access and malicious disruption or damage. This matters because the use of networks has become common in business and government activities, and any tampering can have serious consequences for the affected bodies. The question is to what degree network security bears on critical infrastructure. Analyses of unconventional and asymmetric attacks assume that potential opponents would use cyber weapons.
Such opponents could include both conventional nation-states and “non-state actors”. Initially, cyber weapons were considered attractive for asymmetric attacks because of their low cost and because damaging the vulnerable parts found in most computer networks might be as disastrous as a kinetic or blast weapon. The term “Digital Pearl Harbor” appeared in the mid-1990s, when the Internet was commercialized and came into frequent use. The scenario it pictures is one in which hackers plunge the world into disaster.
Some of the results predicted for a Digital Pearl Harbor include opened floodgates, blackouts, poisoned water supplies and crashing planes. However, no cyber attack has produced such disastrous results. Such talk arose from a lack of understanding of the technology, of how software operates, and of how other complex systems operate. Determining the extent of the risk posed by computer networks and their vulnerabilities requires estimating the probability that an attack will damage critical infrastructure in ways that affect the national interest.
Hence, a number of events must occur, sequentially or simultaneously, for a digital attack in cyberspace to have a physical effect. Computer networks are usually the vulnerable part, not the critical infrastructure that these networks accommodate or support. Infrastructures are strong and resilient and are capable of absorbing damage associated with terrorism, natural disasters and climate. This means that the issue of cybersecurity in the field of terrorism is usually overestimated.
Saying so does not mean that planning for critical infrastructure protection (CIP) should not be in place. Two considerations should inform CIP planning. First, as computer networks grow, their vulnerabilities also increase. Second, attackers may target the storage parts of the networks instead of the networks themselves. They penetrate the networks, collect the required information and monitor changes without arousing suspicion, and when they are suspected, the databases and networks that support important activities are disrupted.
Political Context for Cybersecurity and CIP
In the late 1990s, cybersecurity policies were dominant and there were frequent discussions of critical infrastructure protection. Nevertheless, there is currently only minimal understanding within the Federal government that the initial concerns associated with the use of the Internet and network connectivity were overemphasized. This overemphasis was due to several factors, ranging from the introduction of the Internet to Y2K (Philemon 2005, p. 70).
Y2K stemmed from earlier programming errors that IT experts believed would plunge the world into chaos at midnight on New Year's, and it brought much attention to the world of cybersecurity. The American government has been associated with risk-averse policies since the 1970s. This is because of a loss of confidence among governing elites, a decrease in public trust, and a punitive and partisan political environment. Hence it introduces plans, policies and various strategies for critical infrastructure protection.
This political change brings a better understanding of cybersecurity and critical infrastructure protection. Hence, planning for critical infrastructure protection requires an assessment of the risk of a damaging attack. A risk-averse individual may estimate the probability of a damaging attack to be higher than a neutral individual would (Davis 2003, p. 33).
Assessing Risks
Determining the significance of cybersecurity for critical infrastructure protection must begin with estimating the risk. This method has so far proved difficult to incorporate.
A better method is to analyze previous attacks neutrally and gain a better understanding of their causes and consequences. This enables an estimate of the likelihood that a potential attacker will concentrate on a particular target. In addition, it makes it possible to predict the type of weapons that will be used. This involves understanding the attacker's motive, strategic role, capabilities, preferences, goals and experience, and weighing the attacker's capabilities and goals against potential infrastructure vulnerabilities (Davis 2003, pp. 33 – 34).
Risk is defined by how much threat a society or government can withstand, and it depends on the importance placed on security. Homeland Security policy states that it is difficult to eliminate all risks, and that priorities are required to reduce the risks associated with cybersecurity. These risks can be grouped into three categories: those that can cause injury or death, those that affect the economy, and those that reduce military capability. So far, there are no issues or threats associated with these groups (Keith 2005, p. 66).
Critical Infrastructures and Computer Networks
The United States has a long list of critical sectors that includes agriculture, health systems, banking and finance, IT and telecommunications, energy, industry, and transportation. The Federal government does not regard cybersecurity as a serious issue. An infrastructure is said to be critical when it meets some standard of national interest. Behind these standards there is usually an implicit assumption that disruption of the infrastructure would reduce the flow of goods and services, creating hardship and impeding government economic operations.
To understand how cybersecurity contributes to critical infrastructure protection, two additional concepts, location and time, can be introduced (Keith 2005, p. 66). Location and time help show that cybersecurity is not a concern for critical infrastructure. Problems that take time to appear give the affected organization time to identify solutions and to organize and marshal resources to respond, and hence do not present a crisis.
The capability of industries to respond to problems through innovation and by creating alternative technologies or solutions means that disruption of infrastructures that does not pose immediate danger has minimal effect on the economy, national security and life in general. National infrastructures are geographically distributed, which means that they are not critical in nature. This means that it is the larger infrastructure, not entire industries or networks, that provides critical support to key governmental and economic functions.
This means that few networks are national in nature and at the same time mutually dependent. Networks associated with telecommunications, finance and electrical power are the most critical because of their interconnectedness, their importance to economic health and their national scope. An example is Fedwire, which supports banking: if it is attacked, the banking sector may be crippled for some time, but the Federal Reserve has developed means to harden Fedwire.
Internet as a Critical Infrastructure
With the help of cyber weapons, the Internet can to some extent be attacked.
However, the Internet is a shared network, and an attack on it will affect both the target and the attacker. An attacker can calculate that the US economy may be the most affected and may use backups of some sort, giving it a temporary advantage. The Internet is robust and is able to operate even if the Soviet Union and the United States exchange nuclear weapons. Its architecture and design enable it to survive and withstand such problems. With packet switching, the Internet can redirect messages so that they still arrive at the required port.
The Internet's capacity to operate is due to its addressing system, which is multilayered and decentralized and can keep operating even if it takes days to update the routing table. The core protocols used by the Internet are vulnerable to attack. An example is the Border Gateway Protocol (BGP), which is responsible for routing traffic: it has been tested and is vulnerable to attack, but an attacker has to contend with the redundancy provided by the thousands of subsidiary networks in the Internet (Davis 2003, pp. 33 – 34).
So far, only one case has been witnessed: in 2002 there was a Distributed Denial of Service attack on eight of the 13 important root servers, which govern the addresses of the Internet. The attack did not cause much disruption, but it is believed that had it lasted longer it would have degraded the Internet. Since the 2002 incident the DNS system has been strengthened by dispersing the root servers to different places, using new software and employing routing techniques. Hence, the new redundancy has drastically reduced the risk of the DNS being shut down.
In addition, the complexity of estimating the actual cost makes planning for critical infrastructure protection difficult. Most estimates associated with cybersecurity are exaggerated. To obtain the amount of damage attributed to cybersecurity incidents, a sample is estimated and then extrapolated to the affected population. Estimates of impacts and effects should be subjected to statistical analysis, and figures for economic losses should not be taken at face value.
The importance of cybersecurity in protecting critical infrastructures other than electrical power, telecommunications or finance rests on the belief that critical infrastructures depend on computer networks in order to operate. From this perspective, the computer networks specifically are vulnerable, but the infrastructures they support are not (Philemon 2005, pp. 70 – 75). An example of a destructive cyber attack was the Slammer worm. Its effects hit automated teller machines (ATMs) across the northwest, putting 13,000 out of service.
Many analysts believe that Slammer was a damaging cyber attack, but from a national perspective it had a small impact, since other parts of the country operated normally. Furthermore, the Slammer worm affected only one bank and its ATM services. In this case, the bank's customers suffered some inconvenience; the bank lost revenue and damaged its reputation, giving an advantage to cybersecurity-conscious competitors. Potential nation-state opponents may make use of cyberspace. Gathering intelligence information will prompt them to attack and penetrate U.S. computer networks. When a conflict occurs between states, information, skills and access to crucial infrastructure will be used to disrupt important information systems. The risks associated with espionage and cyber crime are real for firms, agencies and individuals.
References
Davis, J. (2003). Information Technology Security Threats. New York: Barron’s Educational Series, pp. 30 – 34.
Keith, J. (2005). Plans and Developments in Computer Networking. New Haven: Yale University Press, p. 66.
Macklin, M. (2007). Computer Networking Implementation and Security. Jakarta: Cambridge University Press, pp. 45 – 49.
Peter, K. (2001). Cyber Security and CIP. Australia: Fontana Books, pp. 120 – 121.
Philemon, M. (2005). Development of Computer Systems and Terrorism Threats. Stanford: Stanford University Press, pp. 70 – 75.
Rachael, L. (2003). Critical Infrastructure Protection. New York: New York Publishers, pp. 13 – 16.
Richard, Z. (2005). Management and Information Technology. London: Oxford University Press, pp. 60 – 61.