Home Opinion What Would We Do if Critical Infrastructures Failed Due to Cybersecurity Problems?

What Would We Do if Critical Infrastructures Failed Due to Cybersecurity Problems?

Get started on your cybersecurity degree at American Military University.

By Susan Hoffman
Contributor, InCyberDefense

Note: This article is part of a university series for National Cyber Security Awareness Month in October. This week’s theme is Protecting Critical Infrastructure from Cyber Threats.

Every day, infrastructures controlled by computers and servers play a role in our lives. We drive over roads with traffic lights that control the flow of our vehicles. We purchase products or services at shopping mails or from online sites. In some cases, we might need to call 911 for help in case of medical, law enforcement or similar emergencies.

Generally, these infrastructures operate well and only require improvements or repairs from time to time. But what would happen if these infrastructures were put out of action long-term due to a large-scale hack? Imagine trying to go somewhere on roads with malfunctioning traffic lights or having an urgent medical need to find a hospital, only to discover that ransomware held the hospital’s computer system hostage.

What Infrastructures Require Cyber Protection?

According to the Department of Homeland Security, there are 16 critical infrastructure sectors that are “considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.” These sectors are:

  • Chemical
  • Commercial Facilities
  • Communications
  • Critical Manufacturing
  • Dams
  • Defense Industrial Base
  • Emergency Services
  • Energy
  • Financial Services
  • Food and Agriculture
  • Government Facilities
  • Healthcare and Public Health
  • Information Technology
  • Nuclear Reactors, Materials and Waste
  • Transportation Systems
  • Water and Wastewater Systems

Cyber attacks on critical infrastructures have already started to appear. In May 2017, for instance, the U.K.’s National Health Service (NHS) suffered a large-scale cyber attack across England and Scotland. Some patients were not able to go to emergency rooms and other patients were redirected to other local hospitals. Outpatients appointments needed rescheduling, disrupting the lives of both patients and healthcare providers.

How Will We Protect Our Infrastructures from Attacks?

Although it is difficult for cybersecurity professionals to provide 24/7 protection for everyone, everywhere, there are several ways to make infrastructure improvements. According to news source Tripwire, these improvements include:

  • Providing guidance by creating clear policies
  • Assigning responsibility regarding the use of smart devices
  • Collaborating with other security professionals to determine best practices
  • Offering education and training to improve employees’ cybersecurity knowledge
  • Developing processes to monitor and assess the cybersecurity of critical infrastructures

Ultimately, our infrastructures’ security depends on the efforts of the cybersecurity professionals who protect them. To maintain our national security, we need to construct resilient cyber networks.

Get started on your cybersecurity degree at American Military University.