Financial Crime World

Cybersecurity Lapses Put Critical National Infrastructure at Risk

Despite warnings from experts, many critical national infrastructure (CNI) operators around the world are still failing to make adequate security preparations, leaving themselves vulnerable to cyber attacks.

Vulnerability and Denial

According to John Paller, a cybersecurity expert, CNI companies are often in denial about their vulnerability and lack the necessary resources to protect themselves. “The most difficult problem is getting the energy in place to build defenses,” he said. “As long as your senior leadership wants to believe they wouldn’t be targets, you’re not going to take the necessary steps.”

Growing Threat from Criminal Gangs

Paller warned that CNI companies are facing a growing threat from criminal gangs who use extortion tactics to demand money from victims who fear the consequences of an attack.

Scada Systems Concerns

Supervisory Control and Data Acquisition (Scada) systems used to control industrial systems are also a major concern, according to Tiirmaa-Klaar of the European Union’s Agency for the Cooperation of Energy Regulators. Many Scada systems in Europe do not have adequate security measures in place, she warned.

Government Response

Government officials acknowledge that more needs to be done to protect critical infrastructure from cyber attacks. The UK government has emphasized the importance of protecting against politically motivated attacks, but experts say that businesses are doing little beyond what they were already doing.

Recent Attacks and Concerns

The recent attacks on Estonia’s computer systems highlighted the vulnerability of CNI companies and prompted a renewed focus on cybersecurity. However, some experts argue that the attacks were not as severe as reported, and that the response has been exaggerated.

Governments Taking Action

Despite these concerns, many governments and institutions are taking action to improve their cybersecurity measures. The National Institute of Standards and Technology’s Tim Grance warned that assaults by any attackers, including cybercriminals, have made governments take action to protect themselves.

Quotes from Experts

  • “The data breaches motivate citizens a lot more than most other issues because it becomes so personal,” said Tim Grance. “They think ’that could be my child or my money’. They can be surly and upset when they feel governments are not protecting their interests.”
  • “Nobody is safe in cyberspace, and any country with well-developed IT systems is a likely target of attacks that harm vital communication and IT-systems,” said Tammet, Estonian Ministry of Defence.

Conclusion

While some experts argue that the risk of cyber attacks is being exaggerated, others warn that CNI companies are still vulnerable to attack and that governments must take action to protect themselves. It is essential for CNI operators to prioritize cybersecurity and implement adequate security measures to prevent potential threats.