The response to potentially deadly cyber attacks must be preparation and co-operation.
April 11, 2017 By Kenrick Bagnall
It is human nature to sometimes take for granted the services we expect to be there when needed. We turn on the tap and clean water begins to flow. We flick a switch and a dark room is instantly illuminated. We complain about the cost of fuel and traffic congestion yet still our vehicles traverse the roadways of our cities and we give little to no thought to the complex grid of traffic signals, cameras and rail crossings that contribute to making our journey safe.
I’m going to suggest that there is no threat more serious to the existence of humankind as we know it today than the threat to critical infrastructure. There was a time when it was simply “infrastructure” — the building blocks that made up our supply chain, transportation and power grids, food and water supply, telecommunications, financial services, health care and more.
These systems are now interconnected, interdependent and in many cases vulnerable to cyber-attacks.
The Northeast power failure of 2003 affected the northeastern United States and most of the Province of Ontario. A software glitch caused a cascading effect, shutting down adjacent power grids and leaving millions of people without power for eight to 48 hours. In some remote areas, it took up to two weeks to restore power.
In 2010 a sophisticated cyber weapon that came to be known as Stuxnet was responsible for disabling the Iranian nuclear program at the Natanz enrichment facility. The source code for Stuxnet has been widely shared and distributed across the Internet.
In 2014, Korea Hydro & Nuclear Power Co Ltd reported that necessary cyber security upgrades were implemented after non-critical data was stolen from its computer systems.
In October of 2016 a massive DDoS (Distributed Denial of Service) attack was executed against DYN, a DNS (Domain Name Services) service provider. This cyber-attack inundated the DYN servers with an unsustainable number of requests, resulting in disrupted access to popular sites such as PayPal, Netflix, Spotify, Amazon and Twitter, to name just a few.
Cyber-attacks are wide-ranging and far-reaching. Organizations and individuals are being forced to do more to protect their virtual assets. In the case of critical infrastructure, the consequences of a cyber-attack could be measured in financial losses and, in a worst-case scenario, the loss of life.
So what approach should be taken to make our infrastructure more secure? The approach starts with the right attitude or mindset. One must adopt a “when,” not “if” approach to cyber security. This mindset will help to promote the hyper vigilance necessary to keep systems safe.
Strategic partnerships and good communication are also key. Engaging with law enforcement before a cyber incident can make things run more smoothly. Organizations like the Canadian Cyber Threat Exchange are excellent resources for the sharing of information and cyber threat intelligence.
Due to the cross-border nature of cybercrime and the shared risk between countries and governments, law enforcement and security agencies must strive to find better ways of sharing information and working together with a view to mitigating the very real threats to critical infrastructure.
In June 1996, Justice Archie Campbell said it best in his report when he spoke about the need for systems to improve investigations: “A case management system is needed that is based on co-operation, rather than rivalry, among law enforcement agencies.”
At a time during the infancy of the Internet, Justice Campbell had the vision to know what one of the keys to successful cybercrime investigations would be. It is our shared responsibility to see this vision through by working together.
Kenrick Bagnall is a Detective Constable with the Toronto Police Service Computer Cybercrime Unit (C3) @KenrickBagnall.