By Paul Witry, Graduate Student in MS of Threat and Response Management, University of Chicago; Emergency Management Consultant – Planning, Response, EOC Ops, IPSA Member
The vulnerabilities faced by critical infrastructure are not entirely new. Attacks have taken place against infrastructure systems around the globe. On the international stage, a series of attacks against Ukrainian electrical grids impacted thousands of customers across the nation. While short-lived, these attacks represent a source of concern for other nations, particularly the United States. Additionally, the structure of the software used to trigger these attacks may also have caused long-term damage within the utility infrastructure in Ukraine. This risk of extensive impacts across an infrastructure system represents a much larger concern than an outage lasting a few hours.
The Nashville bombing is an incident that could have been more tragic had it not been for the quick action of first responders to ensure the safety of those in the area. There was one fatality – the bomber. The explosion represents an attack on telecommunications and cyber critical infrastructure.
Telecommunications, critical infrastructure
The United States has a dependency on telecommunication infrastructure, a sector that is particularly vulnerable to both physical and cyber-attacks. This has been emphasized throughout the COVID-19 pandemic, and the recent Nashville bombing further heightened awareness of this dependency.
Throughout the pandemic, organizations have shifted many operations to remote environments across the public and private sector. This transition has opened our eyes to how critical functional telecommunications systems are to all types of organizations. Given this, securing our telecommunications network from both cyber and physical attacks must be a high priority at the international and domestic level.
Implementing best practices for security across the public and private sectors can create a more secure world for all. Additionally, creating and maintaining the recommended channels of communication between local, state, federal, and international stakeholders offers effective coordination between all those involved.
Cyber, critical infrastructure
The Cybersecurity and Infrastructure Security Agency (CISA) was founded in 2018 under the United States Department of Homeland Security with the intent of identifying and securing our nation’s infrastructure from both cyber and physical threat actors.
The creation of CISA signifies a dedication to increased risk management when it concerns our national infrastructure for years to come. The agency continues to offer updated guidance and best practices for government facilities and public-private partners on how to implement countermeasures for bombings and other physical attacks, as well as cyber-attacks against critical infrastructure.
United Nations report
At the international level, a report compiled in 2018 by the United Nations Office of Counter-Terrorism (UNOCT) and United Nations Counter-Terrorism Committee Executive Directorate (CTED) offered a series of leading practices for securing critical infrastructure against terrorist attacks and other threat actors. Some of the most pertinent recommendations include:
- Taking a multi-agency approach: Many city and state law enforcement agencies in the United States are already implementing this best practice through the creation of fusion centers and task forces to address the threats that exist for their region. These lines of communication and collaboration are a requirement for implementing strong infrastructure security practices. These relationships promote the sharing of mission-critical information at all levels, which is integral when developing policies and implementing security measures. This also influences the additional best practices recommended in the report, such as joint exercises and simulations between the stakeholder agencies and public-private partners, such as telecommunications and utility providers.
- Instituting an all-hazards plan: One of the core tenets of emergency management is considering all types of threats that may present themselves. Infrastructure is no different, requiring consideration of human error, natural disasters, and intentional acts to inhibit the operation of critical infrastructure. Countries take varying approaches to ensuring their infrastructure is prepared for attack; however, many utilize an all-hazards approach. Some develop specific plans around terrorist actions or natural disasters which complement these all-hazards plans. The vast array of threats faced by critical infrastructure.
- Determining the criticality of systems: Identifying what constitutes critical infrastructure is a difficult task. Nations have varying definitions of what they consider critical. CISA has taken on this task in the United States, continually updating what is considered critical for the nation to continue functioning. They identify 16 sectors that encompass the nation’s critical infrastructure. Combined with the determination of criticality is the process of prioritizing the importance of these systems. This prioritization may look different across national plans based on factors such as size, region, and economy. Therefore, what services are deemed critical may differ based on the type of essential services being delivered and how they are delivered.
These recommendations span both the domestic and international level, promoting collaboration among local agencies and between members of the international community.
Some threat actors may view infrastructure impacts as a tool to achieve their overall goals. Warden’s Five Strategic Rings theory originally grew out of military strategy. The concentric circles illustrate the layers surrounding the core of operations, which is leadership. Critical infrastructure is represented as the tertiary ring in this hierarchy. If threat actors were to become more strategic in their operations, critical infrastructure would represent their primary target due to its broad impacts. This shift to a more strategic system could signify an increase in potential attacks directed toward critical infrastructure from both foreign and domestic sources.
The Nashville bombing reinforces the idea that not all threat actors may be targeting the lives of others. In this scenario, the attacker’s target is thought to be the telecommunication system present in the area. As the world is increasingly interconnected and dependent on these infrastructure systems, they represent a more attractive target for actors who may wish to trigger cascading impacts that will last beyond the initial attack. The constant battle to stay abreast of the new tactics and tools being utilized by these actors will only intensify as their targets have a larger sphere of impact for any nation.
About the Author
Paul Witry is currently a graduate student at the University of Chicago studying Threat Response and Emergency Management. He holds a double B.A. in Political Science and International Relations with a focus in National Security from Loyola University of Chicago.