Welcome
About
News
Anonymous Reporting
Tools
MCA Chatter
Library
V-ID Terminal
Support
My Account

News

Icon representing US Coast Guard Bulletin: Cyber Adversaries Targeting Commercial Vessels
US Coast Guard Bulletin: Cyber Adversaries Targeting Commercial Vessels

June 21st 2019
Icon representing Would you pay $1m for a laptop full of malware?
Would you pay $1m for a laptop full of malware?

May 23rd 2019
Icon representing Singapore Opens Maritime Cybersecurity Operations Centre (MSOC)
Singapore Opens Maritime Cybersecurity Operations Centre (MSOC)

May 22nd 2019
 
 
 

Army Boss: Transport Infrastructure at Risk of Cyber-Attack

 
June 14th 2018
The UK’s traffic control and transport systems are the latest piece of critical infrastructure (CNI) experts are warning could be sabotaged by nation state hackers.

The comments came initially from Christopher Deverell, the commander of Britain’s Joint Forces Command, on BBC Radio 4’s Today program.

“There are many potential angles of attack on our systems. A lot of our capabilities in society depend on our control systems which are accessible by cyber-space,” he argued.

"So you can imagine threats to power stations, threats to air traffic control, threats to transport systems. We need to be able to defend ourselves against them.”

Michael Fabien, principal consultant at Synopsys, argued that the precedent for disruption of CNI via cyber-attacks has already been set globally.

"What we can take away as a positive is that officials are aware of the potential risks, and we can hope they are actively pursuing remediation programs to improve the security of their operations, keeping the UK’s core infrastructure safe,” he added.

Russia has famously been behind much of that disruption, infiltrating the US energy grid, attacking UK telecoms, media and energy sectors and most recently compromising routers and NAS devices with destructive malware.

It has also been blamed for the 2015 and 2016 attacks on Ukrainian power stations that left hundreds of thousands in the dark.

Sean Newman, director at Corero Network Security, argued that connecting operational and IT networks can improve efficiency but also expose firms to the risk of attack from the public internet.

“The question now, is more around who is bold enough, rather than capable of, carrying out such attacks, and risking the likely repercussions,” he said.

“It’s reasonable to assume it’s more a matter of [when], than if, so the operators of such systems need to be fully cognisant of the potential risks and deploy all reasonable protection to minimize it.” 

Nozomi Networks’ Andrea Carcano argued that the UK’s critical infrastructure is being “probed and poked” by nation states, cybercrime groups and hacktivists every day.

“The challenge for those charged with protecting our critical infrastructure is visibility, as you can’t protect what you don’t know exists. Some 80% of the industrial facilities we visit do not have up-to-date lists of assets or network diagrams,” he continued.

“Ironically, this doesn’t pose a problem to criminals who are using readily available open source tools to query their targets and build a picture of what makes up their network environment and is potentially vulnerable — be it a power plant, factory assembly line, or our transport infrastructure.”

It is hoped the NIS Directive, which came into force in early May, will help drive improvements in baseline security for certain CNI providers including those in the transport sector.

Source


Keywords