By David Gilmore, 29th November 2023
Image created by GPT4 Dall-e
In an increasingly interconnected world, the security of our critical infrastructure has never been more important. Recent cyber attacks, such as the DP World cyber attack in Australia and the Optus telecommunications data breach, highlight a growing trend: hackers are targeting the systems we rely on the most.
Critical infrastructure refers to the physical assets and systems that are so vital to Australia that their incapacity would have a debilitating impact on national security, economic security, public health, or safety. This includes sectors like energy, telecommunications, transportation, and water supply.
In 2023, DP World, one of the world's largest maritime operators, responsible for 40% of sea freight in Australia, faced a significant cyber attack at its port in Melbourne. The incident caused substantial disruptions to shipping and supply chains, underscoring the vulnerability of critical infrastructure to digital threats.
Critical infrastructure, such as freight or utilities, is a high-value target both for ransomware gangs, who are financially motivated, and for state-sponsored attackers, who may try to use such attacks for economic or political leverage. The implications of such attacks can be wide-ranging, with both immediate and long-term effects. In the immediate aftermath of a cyber attack, critical services may be disrupted or completely unavailable. The longer-term effects can be lasting damage to a nation's economy and international reputation, and erosion of public trust in government and private sector entities.
Mitigating the Risks
To counter the effects of such attacks, critical infrastructure services must be air-gapped wherever possible. To air-gap a network is to physically isolate the internal network from the wider internet and from any other external network. The isolation must be literal: there must be no possible way for any part of the critical infrastructure's internal network to communicate with the internet. No Ethernet ports, no USB ports, no wide area network, and specific technologies must be implemented to prevent any possible network connection, such as Wi-Fi jamming and the use of proprietary network communication devices whose firmware does not allow external communications.
The strictest data transfer restrictions must be implemented. Physical access to office space, data centres and industrial plants must likewise use the strictest access protocols available, and internal systems should use cryptographic authentication keys along with account passwords. We should have already moved beyond usernames and passwords: ALL systems should have multi-factor authentication, preferably with a biometric element, along with public and private keys and the use of VPNs.
It is important that air gapping is used as just one part of a multi-layered approach to security; physical isolation alone will not protect a network.
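The air-gap requirement above is only useful if it is checked. The following is an added example (written here, not code from the original post) of a posture audit a defender can run on an isolated Linux host. It assumes iproute2 is present and parses the output format of `ip -o link show` and `ip route show`; the captures embedded below are constructed samples in that format, not taken from any real host, and the interface-name patterns used to spot wireless and USB adapters are assumptions based on common Linux naming rather than a standard.

```python
"""Air-gap posture audit: flag anything that contradicts physical isolation.

Added example, not part of the original post. Parses the output of the
iproute2 commands `ip -o link show` and `ip route show`; the captures
below are constructed samples in that format.
"""
import re
import subprocess
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    severity: str  # "HIGH" or "MEDIUM"
    subject: str   # interface name or route description
    reason: str


# Name heuristics (assumptions from common Linux naming): wlan*/wlp*/wlx* are
# Wi-Fi, wwan*/wwp* are cellular modems, and the systemd predictable-name
# suffix u<N> (e.g. enp0s20u1) marks a NIC attached through a USB port.
WIRELESS_RE = re.compile(r"^(wlan|wlp|wlx|wwan|wwp)")
USB_NIC_RE = re.compile(r"^en.*u\d+")

# Constructed `ip -o link show` capture of a host that is NOT isolated:
# a wired NIC that is up, a Wi-Fi radio (down, but present) and a USB NIC.
SAMPLE_LINKS = r"""
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000\    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000\    link/ether 02:00:00:aa:bb:01 brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000\    link/ether 02:00:00:aa:bb:02 brd ff:ff:ff:ff:ff:ff
4: enp0s20u1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000\    link/ether 02:00:00:aa:bb:03 brd ff:ff:ff:ff:ff:ff
"""

# Constructed `ip route show` capture for the same host; 192.0.2.0/24 is a
# documentation range, so the sample cannot point at a real network.
SAMPLE_ROUTES = """
default via 192.0.2.1 dev eth0 proto dhcp metric 100
192.0.2.0/24 dev eth0 proto kernel scope link src 192.0.2.10
"""

# Constructed capture of a host that passes: loopback only, empty route table.
SAMPLE_ISOLATED_LINKS = r"""
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000\    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
"""

LINK_RE = re.compile(r"^\d+:\s+([^:@\s]+)(?:@\S+)?:\s+<([^>]*)>.*?\bstate\s+(\S+)")


def parse_links(text):
    """Return (name, flags, state) for each record of `ip -o link show`."""
    links = []
    for line in text.splitlines():
        head = line.strip().split("\\")[0]  # '\' starts the link/ether continuation
        m = LINK_RE.match(head)
        if m:
            links.append((m.group(1), set(m.group(2).split(",")), m.group(3)))
    return links


def parse_routes(text):
    """Return {dst, via, dev} for each line of `ip route show`."""
    routes = []
    for line in text.splitlines():
        parts = line.split()
        if not parts:
            continue
        route = {"dst": parts[0], "via": None, "dev": None}
        for key in ("via", "dev"):
            if key in parts and parts.index(key) + 1 < len(parts):
                route[key] = parts[parts.index(key) + 1]
        routes.append(route)
    return routes


def audit_air_gap(link_text, route_text):
    """Return findings; an empty list means nothing contradicts isolation."""
    findings = []
    for name, flags, state in parse_links(link_text):
        if "LOOPBACK" in flags:
            continue  # loopback is the only interface an isolated host should carry
        if WIRELESS_RE.match(name):
            findings.append(Finding("HIGH", name, "wireless or cellular radio present"))
        if USB_NIC_RE.match(name):
            findings.append(Finding("HIGH", name, "USB network adapter present"))
        if "UP" in flags or state == "UP":
            findings.append(Finding("HIGH", name, "interface is up"))
    for route in parse_routes(route_text):
        subject = f"{route['dst']} via {route['via']} dev {route['dev']}"
        if route["dst"] == "default":
            findings.append(Finding("HIGH", subject, "default route to a gateway exists"))
        elif route["via"]:
            findings.append(Finding("MEDIUM", subject, "routed path beyond the local link"))
    return findings


def is_isolated(link_text, route_text):
    return not audit_air_gap(link_text, route_text)


def audit_live_host():
    """Run the audit on this machine (Linux with iproute2 installed)."""
    links = subprocess.run(["ip", "-o", "link", "show"], capture_output=True, text=True, check=True).stdout
    routes = subprocess.run(["ip", "route", "show"], capture_output=True, text=True, check=True).stdout
    return audit_air_gap(links, routes)


if __name__ == "__main__":
    for f in audit_air_gap(SAMPLE_LINKS, SAMPLE_ROUTES):
        print(f"{f.severity:6} {f.subject:40} {f.reason}")
    print("isolated sample passes:", is_isolated(SAMPLE_ISOLATED_LINKS, ""))
```

A check like this only covers the host's own view of its links and routes; it cannot see a rogue cable plugged into an unmonitored switch, which is why the post's physical controls (removing ports, controlling access to plant rooms) remain the primary measure and the script is just a detective control layered on top.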