Securing Critical National Infrastructure: A Week In View

9th January 2020

Russell Haworth

This week, the Department of Homeland Security (DHS) released a bulletin through its National Terrorism Advisory System that warned of Iran’s ability to carry out cyber attacks with ‘temporary disruptive effects’ on critical infrastructure in the US. The Cybersecurity and Infrastructure Security Agency (CISA) also published an alert on the potential for an Iranian cyber response to the US military strike in Baghdad.

We’ve also seen foreign exchange giant Travelex grind operations to a halt this week following a ransomware attack. The impact on Travelex itself, together with the knock-on effect across its entire partner ecosystem, demonstrates just how disruptive cyber attacks can be when organizations of central importance to a wider network are taken down.

Above all, this underlines the potential disruption that can be caused to critical services by cyber attack.

As a critical national infrastructure provider ourselves, in running the .UK domain name registry, we understand first-hand the importance of defending against cyber attack and maintaining operations. It is a matter not only of technical understanding but also of gathering real-time intelligence and appreciating the sensitivities and complexity facing the stakeholders involved in keeping critical national infrastructure up and running. This also holds true for the security services we deliver for the NCSC and other governments around the world.

We must take the events of this week extremely seriously, not only in heeding sage government advice but also in understanding the wider context of securing critical national infrastructure. In the CISA alert, advice was given to:

  • Adopt a state of heightened awareness
  • Increase organization vigilance
  • Confirm reporting processes
  • Exercise organization incident response plans

We should also be mindful of other historic attacks on critical services: the malware attack on an Indian nuclear power plant in October, the reported misconfiguration that caused millions to be impacted by the Capital One breach in July and, most recently, the ransomware that took down the entire corporate IT network of a Maritime Transportation Security Act (MTSA) regulated facility. The cyber threat from Iran also isn’t new. Between 2012 and 2013 there were a number of attacks on US financial institutions; Bank of America, Citigroup and the Las Vegas Sands Corp. have all been victims. This week is not isolated, and it would be foolish for us to think it was.

While our battle against cyber crime is by no means lost, the landscape is evolving. It has never been more important for us and our fellow critical national infrastructure providers to shore up existing defenses, build new protection where possible and stay abreast of the changing cyber environment.

Preparation is paramount.