Critical Infrastructure Vulnerability and Protection Essay

Introduction

The United States security department, in recent years, has been conducting routine and specialized field assessments for the identification of interdependencies, cascading effects, capabilities, and vulnerabilities of multiple impacts on the critical infrastructure of a nation. A critical dilemma facing the American government today is its increasing interdependence of vital and key national infrastructures (Perfomak, 2005). Take for example the sewage, water, and public utility infrastructure which is often linked to the control system of an entire city. In essence, the advancement of technology presents reasonable opportunities for state enemies to resort to modern methods, through either more complex or less nefarious pursuits, to interdict the public systems that the nation is entirely dependent on. The critical infrastructures include Gas and Oil, Banking and Finance, Transportation, Water Supply, Emergency Services, Telecommunication, Electric Power Supplies and Continuity of Government systems (Perfomak, 2005).

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

While most of these sectors have been well-prepared for because off several foreseen challenges that required immediate or long-term actions, the American government is significantly prepared and well equipped to address such eventualities and deal with physical threats. Of interest and much concern are the cyber threats which have recently caught the attention of governing bodies as far as the critical infrastructure protection is concerned. Current approaches through Modern Supervisory Control and Data Acquisition systems (SCADA) are essential in the management, monitoring, and protection of the process of distribution and transmission of electric power generation (Robles et al., 2008). In this age of Internet Of Things (IoT), SCADA is exposed to complex, distributable systems which make the critical infrastructure of the nation vulnerable to conventional threats.

The Rationale for Choosing your Topic

Critical infrastructure is important to the US and vital to national security that any slightest incapacity to the systems would harm global economic security, public health as well as physical security. The protection of infrastructures and critical assets of a nation is a matter of grave importance as terrorists are opportunistic, taking advantage of any vulnerabilities they identify within or without the system. Given an opportunity, terrorists and enemies to the state choose their timing, place, and methods grounded on weakness under observation or any perceived vulnerabilities. As such, increased counter-measures to protect critical infrastructures from vulnerabilities is a sure way of minimizing any chances of a terrorist attack, more often than not, compelling them to find alternative methods and tactics, if any (Perfomak, 2005). Formidable as it is, America's critical infrastructure and its key assets have to be protected amidst the several presenting challenges that can mostly be attributed to the technologically sophisticated and open American society which is, in almost all instances, described as an infinite array of an attack or at least potential target. This is because the American infrastructure often changes as fast as the marketplace, making it impossible to protect, in entirety, all potential targets at any given time (Pursianen, 2009).

Nonetheless, it is essential and rather indisputable that the protection of US infrastructure and critical assets helps deter and deflect attacks, mitigating their effects through strategic improvements in the levels, current measures, and approaches to security and protection (Murray, Matisziw & Grubesic, 2008). The rationale of this proposal, therefore, is not necessarily an assumption on the prevention of all potential attacks, either local or terrorist, but the substantial reduction of the vulnerability of America's infrastructure to any form of attacks, particularly the most damaging ones. This calls for all-around preparedness against any attacks, either small or large explosions that may trigger the activation of the nation's crisis management plans and approaches (Robles et al. (2008).

The Review of Literature

Following the events of September 11, 2001, government agencies, industry leaders and legislators have directed significant effort in comprehending the sources of critical infrastructure vulnerability, coming up with potential measures, approaches and strategies that could be deployed to address the vulnerabilities through capital investment and operational changes in most sectors, particularly the communication sector which holds the key to cybersecurity (Perfomak, 2005). In recent times, various security methods have been employed and applied on the systems considering that both low overhead, intrusion identification in real time as well as high efficiency is required (Marglaras et al., 2018). Researchers, however, argue that in spite of the apparent risks to the critical infrastructure such as the Industrial Control System (ICS) which deliver critically vital services like manufacturing, energy, and communications, the costs involved in their protection are too high and prohibitive (Robles et al., 2008). Pursianen (2009) reiterates that conventional crucial infrastructural systems have become more vulnerable to attacks because of the recent adoption of IP based communications with communication security, control systems protection and traditional IT security having specified boundaries. This has therefore rendered the efficiency of the systems unclear as most organizations fail to report critical infrastructure relying on staff members to detect any issues (Moteff, 2005).

The high degree of interconnectivity among infrastructural networks and systems leaves them highly vulnerable to attacks owing to the prevalent gap in the deployment of capabilities, programs and proper strategies towards the protection of critical infrastructure (Stoddart, 2016). Limba, Pleta, Agafonoc, and Damkus (2017) provide many proposals on the protection of critical infrastructure citing the isolation of private cloud from public internet access which, according to him, can prevent attackers and enemies from exploiting presenting vulnerabilities to attack a system by accessing data remotely. In that regard, all systems and infrastructure that are interconnected to strategic and critical data as regards national safety should have the access restricted to only authorized personnel allowed to access particular premises meant explicitly for critical infrastructures (Marglaras et al., 2018). Authors highlight the effectiveness of two-person and two-factor authentication when employed in the protection of critical infrastructure especially for key financial institutions, nuclear plants and vital infrastructural systems that require physical authentication prior to accessing data (Rinaldi, 2005).

Implications for the community, State or the US in general

The protection of vulnerable critical infrastructure is vital to national security and continuity of governments. In fact, the unavailability of vital infrastructural systems of America such as transportation, communication, and electrical power can have lasting economic impacts far beyond the ability of the systems to sustain physical and direct damage. Marglaras et al., (2018) assert that the damages, particularly those of a cyber-nature could negatively impact global, national, and regional and well, the local economy with effects being fatal in extreme instances. Therefore, critical infrastructure should be operated under close observation and controlled real-time monitoring, characterized by peer-to-peer communications, multiple sessions, redundancy, regular maintenance and concurrency to ensure that protective measures are enhanced in every sector (Morteff, 2005). With the forecasted growth in interconnectedness and implementation and execution of IoT and smart grids, weak network segmentations ought to be combined with conventional computer security and contemporary communication networking coupled with control engineering.

References

Limba1, T., Pleta, T., Agafonov, K., & Damkus, M. (2017). Cybersecurity management model for critical infrastructure.

Maglaras, L. A., Kim, K. H., Janicke, H., Ferrag, M. A., Rallis, S., Fragkou, P., ... & Cruz, T. J. (2018). Cybersecurity of critical infrastructures. ICT Express.

Moteff, J. (2005, February). Risk management and critical infrastructure protection: Assessing, integrating, and managing threats, vulnerabilities and consequences. Library of Congress Washington DC Congressional Research Service.

Murray, A. T., Matisziw, T. C., & Grubesic, T. H. (2008). A methodological overview of network vulnerability analysis. Growth and Change, 39(4), 573-592.

Parfomak, P. W. (2005, December). Vulnerability of concentrated critical infrastructure: Background and policy options. Library of Congress Washington DC Congressional Research Service.

Pursiainen, C. (2009). The challenges for European critical infrastructure protection. European Integration, 31(6), 721-739.

Rinaldi, S. M. (2004, January). Modeling and simulating critical infrastructures and their interdependencies. In System Sciences, 2004. Proceedings of the 37th annual Hawaii international conference on (pp. 8-pp). IEEE.

Rinaldi, S. M. (2004, January). Modeling and simulating critical infrastructures and their interdependencies. In System Sciences, 2004. Proceedings of the 37th annual Hawaii international conference on (pp. 8-pp). IEEE.

Robles, R. J., Choi, M. K., Cho, E. S., Kim, S. S., Park, G. C., & Lee, J. (2008). Common threats and vulnerabilities of critical infrastructures. International journal of control and automation, 1(1), 17-22.

Stoddart, K. (2016). UK cyber security and critical national infrastructure protection. International Affairs, 92(5), 1079-1105.