For any nation, protecting critical infrastructure is, as the term suggests, critical.
As the US Department of Homeland Security (DHS) stated recently, critical infrastructure is the backbone of our country's national and economic security. Such infrastructure encompasses power plants, chemical facilities, cyber networks, utilities, public health and government buildings. As more and more of these entities and systems become connected to (and powered by) the internet, they have become easier to manage than ever before.
This interconnectedness however, introduces critical infrastructures to many of the web-based problems that enterprises and consumers have encountered as our daily lives have become more centred on the internet: in particular, cyber attacks. In spite of the importance of critical infrastructure, and often because of it, violations and targeted attempts at manipulation are common.
Breaches to national critical infrastructures occur globally. Last July the Indian government suffered from a major cyber attack that resulted in roughly 12,000 accounts being hacked. These included several high-level officials from the Ministry of External Affairs, Defence Research and Development Organisation (DRDO), Ministry of Home Affairs and the Indo-Tibetan Border Police (ITBP).
In 2012, ICS-Cert issued an alert advising American utilities to monitor internet-facing control systems for activity by hackers attempting to gain remote access to control systems through brute force authentication attacks. The attackers attempted to obtain a user's logon credentials by guessing usernames and passwords. Meanwhile in the UK, the number of data breaches involving NHS trusts has risen by almost 1,000 per cent over the past five years.