Cyber-physical security is a must for military critical infrastructure nowadays
Global defence cyber-physical infrastructure is increasingly under attack by independent and state-sponsored enemies. It is more than data that is being threatened. Cyber-attacks are now turning into physical threats that can harm people and destroy communities. The rapid evolution of the cyber-physical attack surface is due to the low cost of easy-to-use tools that affect disruptive objectives.
For example, in the first Gulf War, the United States was able to exercise its economic advantage and spend billions to develop stealth fighter technology. It then used that to strike critical infrastructure and cut off Saddam Hussein’s communications with his troops and turn off all power in Baghdad on night one of the war. Today, through a cyber-physical attack, a lone individual can achieve the same effect with little more than a USD500 laptop and an internet connection. The escalating scale and intensity of assaults on military systems and facilities have driven organisations that include Ultra Electronics, 3eTI to redouble their efforts, and take new tacks, to stop the menace.
Having served in the Indian Air Force (IAF), and now industry, to help military fend off security threats, I’ve put together a set of questions I regularly ask in making the case for best practices that can reliably and efficiently secure defence critical industrial control systems (ICS) that run daily operations of critical infrastructure.
What is the state of today’s threat landscape for the military?
The defence sector globally must balance and integrate both cyber and physical security. The risks to critical-infrastructure control systems, both physical and cyber, are mounting through a rise in known vulnerabilities, wider connectivity, and adoption of open standards that exposes networks and edge devices to exploits.
The solution is to implement systems that establish sound cyber-physical protections. When designed and executed properly, these systems blend smoothly with existing processes to provide comprehensive safeguards. Beyond preventing intrusions, they often can work to improve operational efficiency.
To illustrate, I frequently refer to one defence customer’s situation and solution for securing and optimising a particularly complex ICS.
The Naval District of Washington, DC (NDW) turned to 3eTI for its Smart Shore initiative. The project was in support of the US Navy’s Smart Grid programme intended to reduce costs and energy consumption while maintaining mission assurance at all NDW bases. Smart Shore employs an enterprise-level sensor networking system that integrates the NDW region’s direct digital controls (DDC) and supervisory control and data acquisition (SCADA) systems into a protected enterprise network using secure wireless and wired technology. Efficient by design, the solution scales to facilities of all sizes, supporting both legacy and current industrial protocols.
You must be logged in to view this content.