Infrastructure security
   HOME

TheInfoList



OR:

Infrastructure security is the
security" \n\n\nsecurity.txt is a proposed standard for websites' security information that is meant to allow security researchers to easily report security vulnerabilities. The standard prescribes a text file called \"security.txt\" in the well known locat ...
provided to protect
infrastructure Infrastructure is the set of facilities and systems that serve a country, city, or other area, and encompasses the services and facilities necessary for its economy, households and firms to function. Infrastructure is composed of public and priv ...
, especially
critical infrastructure Critical infrastructure (or critical national infrastructure (CNI) in the UK) is a term used by governments to describe assets that are essential for the functioning of a society and economy – the infrastructure. Most commonly associated w ...
, such as
airport An airport is an aerodrome with extended facilities, mostly for commercial air transport. Airports usually consists of a landing area, which comprises an aerially accessible open space including at least one operationally active surfa ...
s,
highway A highway is any public or private road or other public way on land. It is used for major roads, but also includes other public roads and public tracks. In some areas of the United States, it is used as an equivalent term to controlled-access ...
s
rail transport Rail transport (also known as train transport) is a means of transport that transfers passengers and goods on wheeled vehicles running on rails, which are incorporated in tracks. In contrast to road transport, where the vehicles run on a prep ...
,
hospital A hospital is a health care institution providing patient treatment with specialized health science and auxiliary healthcare staff and medical equipment. The best-known type of hospital is the general hospital, which typically has an emergen ...
s,
bridge A bridge is a structure built to span a physical obstacle (such as a body of water, valley, road, or rail) without blocking the way underneath. It is constructed for the purpose of providing passage over the obstacle, which is usually someth ...
s,
transport hub A transport hub is a place where passengers and cargo are exchanged between vehicles and/or between transport modes. Public transport hubs include railway stations, rapid transit stations, bus stops, tram stops, airports and ferry slips. F ...
s, network communications,
media Media may refer to: Communication * Media (communication), tools used to deliver information or data ** Advertising media, various media, content, buying and placement for advertising ** Broadcast media, communications delivered over mass e ...
, the
electricity grid An electrical grid is an interconnected network for electricity delivery from producers to consumers. Electrical grids vary in size and can cover whole countries or continents. It consists of:Kaplan, S. M. (2009). Smart Grid. Electrical Power ...
, dams,
power plant A power station, also referred to as a power plant and sometimes generating station or generating plant, is an industrial facility for the generation of electric power. Power stations are generally connected to an electrical grid. Many ...
s,
seaport A port is a maritime facility comprising one or more wharves or loading areas, where ships load and discharge cargo and passengers. Although usually situated on a sea coast or estuary, ports can also be found far inland, such as ...
s,
oil refineries An oil refinery or petroleum refinery is an industrial process plant where petroleum (crude oil) is transformed and refined into useful products such as gasoline (petrol), diesel fuel, asphalt base, fuel oils, heating oil, kerosene, li ...
, and
water system A water supply network or water supply system is a system of engineered hydrologic and hydraulic components that provide water supply. A water supply system typically includes the following: # A drainage basin (see water purification – sou ...
s. Infrastructure security seeks to limit vulnerability of these structures and systems to
sabotage Sabotage is a deliberate action aimed at weakening a polity, effort, or organization through subversion, obstruction, disruption, or destruction. One who engages in sabotage is a ''saboteur''. Saboteurs typically try to conceal their identitie ...
,
terrorism Terrorism, in its broadest sense, is the use of criminal violence to provoke a state of terror or fear, mostly with the intention to achieve political or religious aims. The term is used in this regard primarily to refer to intentional violen ...
, and
contamination Contamination is the presence of a constituent, impurity, or some other undesirable element that spoils, corrupts, infects, makes unfit, or makes inferior a material, physical body, natural environment, workplace, etc. Types of contamination ...
. Critical infrastructures naturally utilize information technology as this capability has become more and more available. As a result, they have become highly interconnected, and interdependent. Intrusions and disruptions in one infrastructure might provoke unexpected failures in others, which makes handing interdependencies a key concern. There are several examples where an incident at one critical infrastructure site affects others. For example, in 2003, the Northeastern American areas experienced a
power outage A power outage (also called a powercut, a power out, a power failure, a power blackout, a power loss, or a blackout) is the loss of the electrical power network supply to an end user. There are many causes of power failures in an electricity ...
that appears to have originated in the Midwest, and possibly from a tree branch. In 2013, damage caused by a sniper attack at an electrical substation in California threatened power distribution throughout Silicon Valley. The 2020 Nashville bombing caused telecommunications outages in several states.


Potential causes of infrastructure failure

Critical infrastructure is vital for essential functioning of a country. Incidental or deliberate damage will have serious impact on the economy as well as providing essential services to the communities it serves. There are a number of reasons why infrastructure needs to be heavily secured and protected. *
Terrorism Terrorism, in its broadest sense, is the use of criminal violence to provoke a state of terror or fear, mostly with the intention to achieve political or religious aims. The term is used in this regard primarily to refer to intentional violen ...
- person or groups deliberately targeting critical infrastructure for political gain. In the
November 2008 Mumbai attacks The 2008 Mumbai attacks (also referred to as 26/11, pronounced "twenty six eleven") were a series of terrorist attacks that took place in November 2008, when 10 members of Lashkar-e-Taiba, an Islamist terrorist organisation from Pakistan, ...
, the Mumbai central station and hospital were deliberately targeted. *
Theft Theft is the act of taking another person's property or services without that person's permission or consent with the intent to deprive the rightful owner of it. The word ''theft'' is also used as a synonym or informal shorthand term for som ...
– person of groups breaking into critical infrastructure sites like electrical substations or telecommunication towers to steal materials or equipment (e.g.
metal theft Metal theft is "the theft of items for the value of their constituent metals". It usually increases when worldwide prices for scrap metal rise, as has happened dramatically due to rapid industrialization in India and China. Apart from precious m ...
) *
Sabotage Sabotage is a deliberate action aimed at weakening a polity, effort, or organization through subversion, obstruction, disruption, or destruction. One who engages in sabotage is a ''saboteur''. Saboteurs typically try to conceal their identitie ...
- person or groups such as ex-employee, political groups against governments, environmental groups in defense of environment. Refer to Bangkok's International Airport Seized by Protestors. *
Information warfare Information warfare (IW) (as different from cyber warfare that attacks computers, software, and command control systems) is a concept involving the battlespace use and management of information and communication technology (ICT) in pursuit of a ...
- private person hacking for private gain or countries initiating attacks to glean information and also damage a country's infrastructure. For example, in cyberattacks on Estonia and cyberattacks during the 2008 South Ossetia war. *
Natural disaster A natural disaster is "the negative impact following an actual occurrence of natural hazard in the event that it significantly harms a community". A natural disaster can cause loss of life or damage property, and typically leaves some econ ...
- hurricane or natural events which damage critical infrastructure such as oil pipelines, water and power grids. See
Hurricane Ike Hurricane Ike () was a powerful tropical cyclone that swept through portions of the Greater Antilles and Northern America in September 2008, wreaking havoc on infrastructure and agriculture, particularly in Cuba and Texas. Ike took a sim ...
and
Economic effects of Hurricane Katrina The economic effects of Hurricane Katrina, which hit Louisiana, Florida, Texas and Mississippi in late August 2005, were far-reaching. ...
.


Security challenges for the electricity infrastructure

One of the fundamental foundations of modern society is the electrical power systems. An intentional disruption of electricity supplies would affect national security, the economy, and every person's life. Because power grids and their sources are widely dispersed, this is a challenge for the effectiveness of defensive organizations and structures. Sabotage can damage electrical sources for the power grid, including civilian nuclear power stations. Sabotage in the form of cyberattacks can create havoc with computer, communication, and information systems, which could severely interrupt the electrical supply. This in turn can cause major disruptions to other infrastructure components of society. Comprehensive defense plans are proposed. One method is to isolate load systems. Sophisticated defense systems should be wide-area, real-time protection, with control systems that are alerted and guided by sensing technologies. Communication and information must be capably routed.


Remedies

Many countries have initiated government agencies to directly manage the security of critical infrastructure usually through the Ministry of Interior/Home Affairs, dedicated security agencies to protect facilities such as
United States Federal Protective Service The Federal Protective Service (FPS) is the uniformed police division of the United States Department of Homeland Security (DHS). It is also "the federal agency charged with protecting and delivering integrated law enforcement and security servi ...
, as well as dedicated transport police such as the UK's
British Transport Police , nativename = , abbreviation = BTP , patch = , patchcaption = , logo = British Transport Police Logo.svg , logocaption = Logo of the British Transport Police , badge = , badgecaption = , f ...
and
Amtrak Police The Amtrak Police Department (APD) is a quasi-federal railroad police department and the law enforcement agency of Amtrak (also known as the National Railroad Passenger Corporation), the government-owned passenger train system in the United Sta ...
in the United States. A number of government organizations focus on infrastructure security and protection. In the USA, the Technical Support Working Group has th
Infrastructure Protection Subgroup
The UK has the
National Infrastructure Security Co-ordination Centre The National Protective Security Authority (NPSA), formerly the Centre for the Protection of National Infrastructure (CPNI), is the national technical authority in the United Kingdom for physical and personnel protective security, maintaining ...
. Critical infrastructure sites may deploy
perimeter intrusion detection systems A perimeter intrusion detection system (PIDS) is a device or sensor that detects the presence of an intruder attempting to breach the physical perimeter of a property, building, or other secured area. A PIDS is typically deployed as part of an ...
,
video surveillance Closed-circuit television (CCTV), also known as video surveillance, is the use of video cameras to transmit a signal to a specific place, on a limited set of monitors. It differs from broadcast television in that the signal is not openly tr ...
,
access control In the fields of physical security and information security, access control (AC) is the selective restriction of access to a place or other resource, while access management describes the process. The act of ''accessing'' may mean consuming ...
and other
security systems Security is protection from, or resilience against, potential harm (or other unwanted coercive change) caused by others, by restraining the freedom of others to act. Beneficiaries (technically referents) of security may be of persons and social ...
to detect and respond to intruders and other security events.


See also

*
National security National security, or national defence, is the security and defence of a sovereign state, including its citizens, economy, and institutions, which is regarded as a duty of government. Originally conceived as protection against military att ...
*
Information warfare Information warfare (IW) (as different from cyber warfare that attacks computers, software, and command control systems) is a concept involving the battlespace use and management of information and communication technology (ICT) in pursuit of a ...
*
Cyberattack A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, or personal computer devices. An attacker is a person or process that attempts to access data, functions, or other restricte ...
*
Homeland security Homeland security is an American national security term for "the national effort to ensure a homeland that is safe, secure, and resilient against terrorism and other hazards where American interests, aspirations, and ways of life can thrive" t ...
*
Airport security Airport security includes the techniques and methods used in an attempt to protect passengers, staff, aircraft, and airport property from malicious harm, crime, terrorism, and other threats. Aviation security is a combination of measures and hum ...
*
Physical security Physical security describes security measures that are designed to deny unauthorized access to facilities, equipment and resources and to protect personnel and property from damage or harm (such as espionage, theft, or terrorist attacks). Phy ...
*
High-voltage transformer fire barriers High-voltage transformer fire barriers, or transformer firewalls, transformer ballistic firewalls, transformer blast walls, are outdoor countermeasures against cascading failures in a national electric grid. The purpose of these barriers, like c ...
US or North American specific: *
United States Federal Protective Service The Federal Protective Service (FPS) is the uniformed police division of the United States Department of Homeland Security (DHS). It is also "the federal agency charged with protecting and delivering integrated law enforcement and security servi ...
*
National Infrastructure Protection Plan The National Infrastructure Protection Plan (NIPP) is a document called for by Homeland Security Presidential Directive 7, which aims to unify Critical Infrastructure and Key Resource (CIKR) protection efforts across the country. The latest version ...
* North American Electric Reliability Corporation (NERC)


References

{{Reflist


External links


US Transportation Security Administration WebsiteUK Department of Transport's Transport SecurityPartnership for Critical Infrastructure Security
Infrastructure National security Public safety