Posts Tagged ‘Cyber Attacks’

Are Critical Infrastructure Cyber Attacks Really on the Rise ?

December 24, 2009 Leave a comment

Recently many argued whether Cyber-attacks against Critical Infrastructures are real and dramatically on the rise, as the media would like us to think. (The recent Brazil’s Power Outage made headlines around the world).

Others confidently backed this Cyber-attacks downplay assumption by their statistical perception of a recent report by the Repository of Industrial security Incidents (RISI), RISI which keep track of “reported/verified” security incidents in the USA since 1982, recently stated that the incidents count has reached 164 in 2009. That’s basically an average of 6 incidents per year.

And then they asked a question.

If the US recorded 8 or 9 incidents next year, can we confidently say that the Cyber Attacks rate is dramatically on the rise, and that we should be really worried?

The answer is simple, I agree that in most countries there isn’t enough data (on a national level) at hand to confidently confirm or deny anything.

While I personally believe that the rate of Cyber-attacks against Critical Infrastructures “World Wide” is definitely rising, simply because of the improved Means and Motives. (Its easier and more rewarding today than 5 years ago).

I feel that when we talk critical infrastructure we often overlook that our world is now more interlinked and interdependent than it ever was. So even in the imaginary case of Zero incidents taking place in the USA as an example, this doesn’t mean that everything is ok and that the ultimate goal of Critical Infrastructure Protection is served. Right now I can name a company in North Africa that’s providing Paris with 30% of its total daily natural gas consumption. And another company in the Persian Gulf that’s providing the UK with +20 % of its daily natural gas needs. “Not to mention Aramco’s crude oil exports to the US ad Japan”.

Who can argue that a Cyber-attack on any of the examples above is less important and ultimately less effective compared to an attack on a French or UK based plant.

I believe that when thinking about Critical Infrastructures and judging whether attack rates are on the rise or declining it’s only wise to aggregate global statistics to get the true picture of the threat on the ground because in many ways this ecosystem works similar to the modern financial world. And focusing only on local statistics will often give a false feeling of security.

As an example, In the last Brazilian black out Every one seemed to neglect the fact that while two major Brazilian cities suffered, the entire country of Paraguay plunged into darkness. Does Paraguay’s Cyber-attacks clean sheet mean anything here?

I can also see this occurring in the entwined electrical grid of many EU countries and between several former Soviet Union countries.

Another example that comes to my mind comes from the communication sector, back in 2007 when on two separate occasions (one of them few days before the 2007 Gaza strip war) there was a major Internet blackout across the Middle East after targeting the region’s 3 main Internet Sub Marine fiber cables (although several hundred miles apart), this incident didn’t only affect the region but had cascading effect that reached up to the shores of India costing the country’s IT outsourcing economy millions of dollars in lost bandwidth. Was there an Attack on Indian critical infrastructure ?…No , did India suffer ?…Yes.

This is a global threat/issue and should always be treated as such. localized statistics while important are only part of the big picture.

Sub Marine Internet Cables

Sub Marine Internet Cables