Infrastructure Security
Encyclopedia
Infrastructure security is the security
provided to protect infrastructure
, especially critical infrastructure
, such as airport
s, highway
s rail transport
, hospital
s, bridge
s, transport hubs, network communications, media
, the electricity grid
, dam
s, power plants, seaports, oil refineries
, and water systems. Infrastructure security seeks to limit vulnerability of these structures and systems to sabotage
, terrorism
, and contamination
.
Critical infrastructures naturally utilize information technology as this capability has become more and more available. As a result they have become highly interconnected, and interdependent. Intrusions and disruptions in one infrastructure might provoke unexpected failures to others. How to handle
interdependencies becomes an important problem.
The most recent example of vulnerable infrastructure was the electrical grid in 2003, when Northeastern American areas experienced a power outage
that appears to have originated in the Midwest, and possibly from a tree branch.
Sabotage can damage electrical sources for the power grid, including civilian nuclear power stations. Sabotage in the form of cyberattacks can create havoc with computer, communication, and information systems, which could severely interrupt the electrical supply. This in turn can cause major disruptions to other infrastructure components of society. Comprehensive defense plans are proposed.
One method is to isolate load systems. Sophisticated defense systems should be
wide-area, real-time protection, with control systems that are alerted and guided by sensing technologies. Communication and information must be capably routed.
and also creation of dedicated transport police such as the British Transport Police
. There are also commercial transportation security units such as the Amtrak Police
in the United States.
A number of government organizations has focus on infrastructure security and protection. The Technical Support Working Group has the Infrastructure Protection Subgroup. The UK has the National Infrastructure Security Co-ordination Centre
.
Several infrastructures also utilise fiber optic perimeter intrusion detection security systems, which enables the detection and location of intrusions over many miles of deployed fiber. This is commonly utilised at water utility sites and at other critical infrastructure sites globally.
US specific:
Security
Security is the degree of protection against danger, damage, loss, and crime. Security as a form of protection are structures and processes that provide or improve security as a condition. The Institute for Security and Open Methodologies in the OSSTMM 3 defines security as "a form of protection...
provided to protect infrastructure
Infrastructure
Infrastructure is basic physical and organizational structures needed for the operation of a society or enterprise, or the services and facilities necessary for an economy to function...
, especially critical infrastructure
Critical infrastructure
Critical infrastructure is a term used by governments to describe assets that are essential for the functioning of a society and economy. Most commonly associated with the term are facilities for:*electricity generation, transmission and distribution;...
, such as airport
Airport
An airport is a location where aircraft such as fixed-wing aircraft, helicopters, and blimps take off and land. Aircraft may be stored or maintained at an airport...
s, highway
Highway
A highway is any public road. In American English, the term is common and almost always designates major roads. In British English, the term designates any road open to the public. Any interconnected set of highways can be variously referred to as a "highway system", a "highway network", or a...
s rail transport
Rail transport
Rail transport is a means of conveyance of passengers and goods by way of wheeled vehicles running on rail tracks. In contrast to road transport, where vehicles merely run on a prepared surface, rail vehicles are also directionally guided by the tracks they run on...
, hospital
Hospital
A hospital is a health care institution providing patient treatment by specialized staff and equipment. Hospitals often, but not always, provide for inpatient care or longer-term patient stays....
s, bridge
Bridge
A bridge is a structure built to span physical obstacles such as a body of water, valley, or road, for the purpose of providing passage over the obstacle...
s, transport hubs, network communications, media
Media (communication)
In communications, media are the storage and transmission channels or tools used to store and deliver information or data...
, the electricity grid
Grid (electricity)
An electrical grid is a vast, interconnected network for delivering electricity from suppliers to consumers. It consists of three main components: 1) generating plants that produce electricity from combustible fuels or non-combustible fuels ; 2) transmission lines that carry electricity from power...
, dam
Dam
A dam is a barrier that impounds water or underground streams. Dams generally serve the primary purpose of retaining water, while other structures such as floodgates or levees are used to manage or prevent water flow into specific land regions. Hydropower and pumped-storage hydroelectricity are...
s, power plants, seaports, oil refineries
Oil refinery
An oil refinery or petroleum refinery is an industrial process plant where crude oil is processed and refined into more useful petroleum products, such as gasoline, diesel fuel, asphalt base, heating oil, kerosene, and liquefied petroleum gas...
, and water systems. Infrastructure security seeks to limit vulnerability of these structures and systems to sabotage
Sabotage
Sabotage is a deliberate action aimed at weakening another entity through subversion, obstruction, disruption, or destruction. In a workplace setting, sabotage is the conscious withdrawal of efficiency generally directed at causing some change in workplace conditions. One who engages in sabotage is...
, terrorism
Terrorism
Terrorism is the systematic use of terror, especially as a means of coercion. In the international community, however, terrorism has no universally agreed, legally binding, criminal law definition...
, and contamination
Contamination
Contamination is the presence of a minor and unwanted constituent in material, physical body, natural environment, at a workplace, etc.-Specifics:"Contamination" also has more specific meanings in science:...
.
Critical infrastructures naturally utilize information technology as this capability has become more and more available. As a result they have become highly interconnected, and interdependent. Intrusions and disruptions in one infrastructure might provoke unexpected failures to others. How to handle
interdependencies becomes an important problem.
The most recent example of vulnerable infrastructure was the electrical grid in 2003, when Northeastern American areas experienced a power outage
Northeast Blackout of 2003
The Northeast blackout of 2003 was a widespread power outage that occurred throughout parts of the Northeastern and Midwestern United States and Ontario, Canada on Thursday, August 14, 2003, just before 4:10 p.m....
that appears to have originated in the Midwest, and possibly from a tree branch.
Potential causes of infrastructure failure
Critical infrastructure is vital for essential functioning of a country. Incidental or deliberate damage will have serious impact on the economy as well as providing essential services to the communities it serves. There are a number of reasons why infrastructure needs to be heavily secured and protected.- TerrorismTerrorismTerrorism is the systematic use of terror, especially as a means of coercion. In the international community, however, terrorism has no universally agreed, legally binding, criminal law definition...
- person or groups deliberately targeting critical infrastructure for political gain. In the November 2008 Mumbai attacks, the Mumbai central station and hospital were deliberately targeted. - SabotageSabotageSabotage is a deliberate action aimed at weakening another entity through subversion, obstruction, disruption, or destruction. In a workplace setting, sabotage is the conscious withdrawal of efficiency generally directed at causing some change in workplace conditions. One who engages in sabotage is...
- person or groups such as ex-employee, political groups against governments, environmental groups in defense of environment. Refer to Bangkok's International Airport Seized by Protestors. - Information warfareInformation warfareThe term Information Warfare is primarily an American concept involving the use and management of information technology in pursuit of a competitive advantage over an opponent...
- private person hacking for private gain or countries initiating attacks to glean information and also damage a country's infrastructure. For example in cyberattacks on Estonia2007 cyberattacks on EstoniaCyberattacks on Estonia refers to a series of cyber attacks that began April 27, 2007 and swamped websites of Estonian organizations, including Estonian parliament, banks, ministries, newspapers and broadcasters, amid the country's row with Russia about the relocation of the Bronze Soldier of...
and cyberattacks during the 2008 South Ossetia warCyberattacks during the 2008 South Ossetia warDuring the 2008 South Ossetia war a series of cyberattacks swamped and disabled websites of numerous South Ossetian, Russian, Georgian, and Azerbaijani organisations.- Details :...
. - Natural disasterNatural disasterA natural disaster is the effect of a natural hazard . It leads to financial, environmental or human losses...
- hurricane or natural events which damage critical infrastructure such as oil pipelines, water and power grids. See Hurricane Ike and Economic effects of Hurricane KatrinaEconomic effects of Hurricane KatrinaThe economic effects of Hurricane Katrina, which hit Louisiana, Texas and Mississippi in late August 2005, were far-reaching. As of April 2006, the Bush Administration has sought $105 billion for repairs and reconstruction in the region, making it the costliest natural disaster in US history...
.
Security challenges for the electricity infrastructure
One of the fundamental foundations of modern society is the electrical power systems. An intentional disruption of electricity supplies would effect national security, the economy, and every person's life. Because power grids and their sources are widely dispersed, this is a challenge for the effectiveness of defensive organizations and structures.Sabotage can damage electrical sources for the power grid, including civilian nuclear power stations. Sabotage in the form of cyberattacks can create havoc with computer, communication, and information systems, which could severely interrupt the electrical supply. This in turn can cause major disruptions to other infrastructure components of society. Comprehensive defense plans are proposed.
One method is to isolate load systems. Sophisticated defense systems should be
wide-area, real-time protection, with control systems that are alerted and guided by sensing technologies. Communication and information must be capably routed.
Remedies
Many countries have initiated government agencies to directly manage the security of critical infrastructure usually through the Ministry of Interior/Home Affairs, dedicated security agencies to protect facilities such as United States Federal Protective ServiceUnited States Federal Protective Service
The Federal Protective Service is the federal police force of the Secretary of Homeland Security. As a component of U.S. Department of Homeland Security, National Protection and Programs Directorate within DHS Headquarters, FPS is responsible for law enforcement and security of nearly 9,000...
and also creation of dedicated transport police such as the British Transport Police
British Transport Police
The British Transport Police is a special police force that polices those railways and light-rail systems in Great Britain for which it has entered into an agreement to provide such services...
. There are also commercial transportation security units such as the Amtrak Police
Amtrak Police
The Amtrak Police is a railroad police agency that acts as the security and law enforcement agency of Amtrak, a passenger train system in the United States...
in the United States.
A number of government organizations has focus on infrastructure security and protection. The Technical Support Working Group has the Infrastructure Protection Subgroup. The UK has the National Infrastructure Security Co-ordination Centre
National Infrastructure Security Co-ordination Centre
The National Infrastructure Security Co-ordination Centre was an inter-departmental centre of the UK government.Set up in 1999. The role of NISCC was to minimise the risk to the Critical National Infrastructure from electronic attack....
.
Several infrastructures also utilise fiber optic perimeter intrusion detection security systems, which enables the detection and location of intrusions over many miles of deployed fiber. This is commonly utilised at water utility sites and at other critical infrastructure sites globally.
See also
- National securityNational securityNational security is the requirement to maintain the survival of the state through the use of economic, diplomacy, power projection and political power. The concept developed mostly in the United States of America after World War II...
- Information warfareInformation warfareThe term Information Warfare is primarily an American concept involving the use and management of information technology in pursuit of a competitive advantage over an opponent...
- Homeland securityHomeland securityHomeland security is an umbrella term for security efforts to protect states against terrorist activity. Specifically, is a concerted national effort to prevent terrorist attacks within the U.S., reduce America’s vulnerability to terrorism, and minimize the damage and recover from attacks that do...
- Airport securityAirport securityAirport security refers to the techniques and methods used in protecting airports and aircraft from crime.Large numbers of people pass through airports. This presents potential targets for terrorism and other forms of crime due to the number of people located in a particular location...
US specific:
- United States Federal Protective ServiceUnited States Federal Protective ServiceThe Federal Protective Service is the federal police force of the Secretary of Homeland Security. As a component of U.S. Department of Homeland Security, National Protection and Programs Directorate within DHS Headquarters, FPS is responsible for law enforcement and security of nearly 9,000...
- National Infrastructure Protection PlanNational Infrastructure Protection PlanThe National Infrastructure Protection Plan is a document called for by Homeland Security Presidential Directive 7, which aims to unify Critical Infrastructure and Key Resource protection efforts across the country. The latest version of the plan is 188 pages long and was released in January 2009...