When Cyber Attacks Become Physical
Recent reports of a cyber attack on a US water utility in Illinois again highlight the intrinsic link between cyber security, national infrastructure and what this means for national security.
The idea of knocking out or blocking access to critical infrastructure to weaken an opponent is nothing new. In ancient times attackers would surround cities and cut off access to food, water and other supplies. Such blockading is common military offensive strategy.
But with our increased dependence on our technology networks in both our work and personal lives, it is no surprise that today’s attackers seek to exploit security vulnerabilities in the cyber world with the aim of disrupting the physical world. This applies regardless of whether the cyber attack is designed to take down the IT system itself or is used to damage other critical infrastructure such as water supply.
Interestingly, when we polled the public in 11 countries across the globe in March 2011 as part of the Unisys Security Index™, Australia and New Zealand were the only two countries where the Internet was rated as one of the top two national infrastructure assets vulnerable to malicious or terrorist attack.
This may be because our nations “down under” are very aware of their remoteness and resulting dependence on the internet to be part of the global market. Or perhaps it is simply because Aussies and Kiwis are less concerned about the vulnerability of other pieces of national infrastructure, such as public transport or places of large gatherings, than people in other countries are.
Either way, it is clear that effective cyber security is now an essential part of protecting national infrastructure and therefore is a vital part of any national security strategy – not just to protect vital information and communication technologies, but also to ensure they are not used to damage or block access to other physical infrastructure. This is evident in the renewed focus being placed on cyber security by the Australian, New Zealand and other governments.
Unisys Security Program Director, Asia Pacific