Register for the STEM Virtual Career Fair on October 24!
By Susan Hoffman
Note: This article is part of a university series for National Cybersecurity Awareness Month in October. This week’s theme is Safeguarding the Nation’s Critical Infrastructure.
Computers have penetrated virtually every aspect of daily life. There are computer networks involved in the creation and maintenance of our food and water supplies, financial services, health, communications, emergency services and transportation. Computer networks also have electronic connections to our homes, businesses, shopping malls, churches, schools and vehicles.
Now imagine what would happen if hackers launched an attack on one or more of those networks. Think about having to postpone a much-needed surgical procedure because there was a cyberattack and your hospital’s medical records were being held hostage by ransomware. Imagine not having electrical power in your city for hours or even days after the utility company’s networks had been attacked by hackers.
But hospitals being held captive by ransomware and utility companies being attacked by hackers are not imaginary. These cyberattacks have already happened.
US Critical Infrastructures Need Better Protection against Hackers Right Now
According to the Department of Homeland Security, there are 16 critical infrastructures that “are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national security, economic security, national public health or safety, or any combination thereof.” These critical infrastructures involve multiple sectors:
- Commercial Facilities
- Critical Manufacturing
- Defense Industrial Base
- Emergency Services
- Financial Services
- Food and Agriculture
- Government Facilities
- Healthcare and Public Health
- Information Technology
- Nuclear Reactors, Materials and Waste
- Water and Wastewater Systems
Unfortunately, the software in the computer networks involved with these 16 infrastructures are all too vulnerable to hackers. According to credit reporting agency Experian, “While the government and private sector have worked independently to combat cyberattacks, a collaborative approach for identifying threats is needed to better secure U.S. infrastructure.”
What Can Be Done to Protect Our Infrastructures from a Digital Pearl Harbor?
The term “digital Pearl Harbor” is often brought up in connection with a catastrophic cyberattack. Would we be ready for this kind of large-scale cyberattack if it actually happened?
The answer is: Not yet, but we’re getting there. According to Milwaukee computer security company PKWare, some cyber experts are at least aware of the need to prevent a catastrophic attack. PKWare notes, “The U.S. National Infrastructure Advisory Council has warned that bold, immediate action is necessary.”
Cybersecurity training for employees, regular software updates and solid firewalls should be a part of hardening critical infrastructures’ computer networks. Although creating better cybersecurity for critical infrastructures won’t be quick or cheap, the time and money spent on improvements will be justified later when a cyberattack is thwarted.