Information Security and the National Infrastructure
Cyber-attacks have become an avenue for the terrorists and conmen worldwide with very many people being victims of these attacks. It is believed that there are over seven hundred and twenty million cyber-attack attempts in every twenty-four hours worldwide (Suter & Brunner, 2013). For an average business to detect the malicious code used by the hackers, it usually takes ninety-nine days which is an enough time for hackers to have caused the damage.
The United States is one of the countries that experience the highest level of cyber-crime. However, due to its continued emphasis on stopping these attacks and directing more resources towards them, the number of attacks of this nature is expected to drop at a significant level. US government has become more involved mainly by using the federal government for the reason that the Supervisory Control of Data Acquisition (SCADA) systems that control the essential infrastructures are vital to the state (Jayanthi, 2017). The United States is one of the countries with the most substantial number of industries. These industries and other infrastructure, due to the emergence of technology, have opted to use technology in every task that they engage in every day. This has created an ample target for the cyber attackers with a devilry aim of killing people or even bringing devastating losses to the companies.
The United States government came up with strategies that would help reduce the instances of these cyber-attacks. These policies include the process control system which was formed by the department of homeland security and that tries to stop the attacks on the IT by working with groups either private or public to transfer IT morphing to industrial control systems. The government also, under the national infrastructure protection plan, outlines the need for people and the community working together with the government and other private sectors with the aim of trying to manage the risks and achieve security and flexibility outcomes (Suter & Brunner, 2013). There has also been the use of SCADA systems which when integrated with corporate business systems leads to achieving the efficiency in operations and at the same time due to its interconnectedness, it leads to high-security risk.
Oil and gas industries are prime targets
The oil and gas industries together with the financial, telecommunication and transport sector are at the highest risk of being targeted by the bad guys as per the article. The author further describes that the reason for oil and gas industry is the most likely to be targeted by the hackers and some of these reasons are that if this industry is hacked, it can lead to more detrimental outcomes than other industries. Most of the pirates usually have a point that they need to drive home, by this, they choose a method that will be addressed faster and will draw attention (Jayanthi, 2017). The most common way they use is by killing people and therefore, due to the explosiveness of these commodities, it would be the best method for them.
According to Jayanthi, (2017) the oil and gas industry is also more vulnerable than other industries due to the range of uses of these products. Most other companies use these products for successful manufacturing of goods as well as the provision of services. Due to the increase in fuel prices, the author says, these industries stand at a high vulnerability to be hacked.
The oil industry is the largest industry and accessed by very many people, from staff, job applicants and customers. For this reason, they have a lot of information that they need to secure. Other people would like to access this info illegally and the industry having automated almost all of its activities, it attracts a lot of hackers to try to obtain this information. This data includes that of financial records, customer records and much more.
In my views, I concur with the author of this article that the industry with the highest risk of being attacked is the oil and gas industry. This is because of the outcomes that would be realized in case the industry is attacked and also the vulnerability of the sector. The results can be seen in the California attack where an insider disabled the oil leak detection system after failing to secure a permanent job in the company. If by any means the oil would have leaked, the consequences of that leakage would be very distressing.
Need to regulate SCADA and industrial control systems
Since most of the country’s business has adopted the use of computers and internet, there is the urge to regulate the supervisory control of data acquisition. This is with the aim of protecting the nation’s resources from those with evil intentions of hacking (Marrin, 2014). Most of the nation’s resources are at high risks if they are not adequately secured, of being tampered with by these hackers.
There is also the need to regulate these systems to achieve the goal of securing the citizens of a country. The safety of citizens is always the priority that a government gives to its citizens. For this reason, since most cybercrimes will result in exploitation or even death of people, there should be the regulation of these systems. However, the regulation of the systems and the struggle of reducing the attacks have not been dealt with accordingly. This is because the number of these kinds of attacks is still elevating (Marrin, 2014). The article further describes that due to the interconnection nature of the national infrastructure, it leads to opening up of new possibilities not only for information stealing but also interfering with the real physical disaster.
Jayanthi, M. (2017). Strategic Planning for Information Security -DID Mechanism to befriend the Cyber Criminals to assure Cyber Freedom. 2017 2nd International Conference on Anti-Cyber Crimes (ICACC). doi:10.1109/anti-cybercrime.2017.7905280
Marrin, S. (2014). The 9/11 Terrorist Attacks: A Failure of Policy Not Strategic Intelligence Analysis. Intelligence and National Security, 26(2-3), 182-202. doi:10.1080/02684527.2011.559140
Suter, M., & Brunner, E. (2013). Critical Information Infrastructure Protection, United States. Wiley Handbook of Science and Technology for Homeland Security. doi:10.1002/9780470087923.hhs562