Infrastructure security
Infrastructure security is the security provided to protect infrastructure, especially critical infrastructure, such as airports, highways [1] rail transport, hospitals, bridges, transport hubs, network communications, media, the electricity grid, dams, power plants, seaports, oil refineries, and water systems. Infrastructure security seeks to limit vulnerability of these structures and systems to sabotage, terrorism, and contamination.[2]
Critical infrastructures naturally utilize information technology as this capability has become more and more available. As a result, they have become highly interconnected, and interdependent. Intrusions and disruptions in one infrastructure might provoke unexpected failures in others, which makes handing interdependencies a key concern.[3]
There are several examples where an incident at one critical infrastructure site affects others. For example, in 2003, the Northeastern American areas experienced a power outage that appears to have originated in the Midwest, and possibly from a tree branch.[4] In 2013, damage caused by a sniper attack at an electrical substation in California threatened power distribution throughout Silicon Valley.[5] The 2020 Nashville bombing caused telecommunications outages in several states.
Potential causes of infrastructure failure
Critical infrastructure is vital for essential functioning of a country. Incidental or deliberate damage will have serious impact on the economy as well as providing essential services to the communities it serves. There are a number of reasons why infrastructure needs to be heavily secured and protected.
- Terrorism - person or groups deliberately targeting critical infrastructure for political gain. In the November 2008 Mumbai attacks, the Mumbai central station and hospital were deliberately targeted.
- Theft – person of groups breaking into critical infrastructure sites like electrical substations or telecommunication towers to steal materials or equipment (e.g. metal theft)
- Sabotage - person or groups such as ex-employee, political groups against governments, environmental groups in defense of environment. Refer to Bangkok's International Airport Seized by Protestors.
- Information warfare - private person hacking for private gain or countries initiating attacks to glean information and also damage a country's infrastructure. For example, in cyberattacks on Estonia and cyberattacks during the 2008 South Ossetia war.
- Natural disaster - hurricane or natural events which damage critical infrastructure such as oil pipelines, water and power grids. See Hurricane Ike and Economic effects of Hurricane Katrina.
Security challenges for the electricity infrastructure
One of the fundamental foundations of modern society is the electrical power systems. An intentional disruption of electricity supplies would affect national security, the economy, and every person's life. Because power grids and their sources are widely dispersed, this is a challenge for the effectiveness of defensive organizations and structures.[6]
Sabotage can damage electrical sources for the power grid, including civilian nuclear power stations. Sabotage in the form of cyberattacks can create havoc with computer, communication, and information systems, which could severely interrupt the electrical supply. This in turn can cause major disruptions to other infrastructure components of society. Comprehensive defense plans are proposed.[3]
One method is to isolate load systems. Sophisticated defense systems should be wide-area, real-time protection, with control systems that are alerted and guided by sensing technologies. Communication and information must be capably routed.[3]
Remedies
Many countries have initiated government agencies to directly manage the security of critical infrastructure usually through the Ministry of Interior/Home Affairs, dedicated security agencies to protect facilities such as United States Federal Protective Service and also creation of dedicated transport police such as the British Transport Police. There are also commercial transportation security units such as the Amtrak Police in the United States.
A number of government organizations focus on infrastructure security and protection. In the USA, the Technical Support Working Group has the Infrastructure Protection Subgroup. The UK has the National Infrastructure Security Co-ordination Centre.
Critical infrastructure sites may deploy perimeter intrusion detection systems, video surveillance, access control and other security systems to detect and respond intruders and other security events.
See also
- National security
- Information warfare
- Cyberattack
- Homeland security
- Airport security
- Physical security
- High-voltage transformer fire barriers
US or North American specific:
- United States Federal Protective Service
- National Infrastructure Protection Plan
- North American Electric Reliability Corporation (NERC)
References
- "Archived copy". Archived from the original on 2008-12-02. Retrieved 2008-12-07.CS1 maint: archived copy as title (link)
- "Archived copy". Archived from the original on 2008-12-16. Retrieved 2008-12-07.CS1 maint: archived copy as title (link)
- Li, Hao; et al. (May 2005). "Strategic Power Infrastructure Defense" (PDF). Proceedings of the IEEE. 93 (5): 918–933. doi:10.1109/JPROC.2005.847260. S2CID 3242429. Retrieved 2009-11-07.
- https://www.webcitation.org/query?url=http://www.geocities.com/blohm_r/NYTimes130504.htm/&date=2009-10-25+13:43:27
- Martinez, Michael. "Sniper fire on Silicon Valley power grid spurs ex-regulator's crusade". CNN. Retrieved 2020-01-27.
- Massoud, Amin (April 2002). "Security Challenges for the Electricity Infrastructure (Supplement to Computer Magazine)". Computer. 35 (4): 8. doi:10.1109/MC.2002.10042.