Friday 31 October 2014

Conference Presentation: NATO Advanced Research Workshop - Cyber Defense for Critical Infrastructure

Chatham House gave a talk on the project findings thus far at the NATO Advanced Research Workshop: Strengthening Cyber Defense for Critical Infrastructure in Kiev, Ukraine on 30-31 October 2014.  The meeting was organized by the Polish Institute of International Affairs (PISM) in partnership with the Institute for Euro-Atlantic Cooperation.



We spoke on the panel entitled, "How is the Threat Environment Evolving" which looked at:

Most of the companies operating Critical Infrastructure (CI) have already experienced cyber-attacks and it is only a matter of time before a large scale attack happens. The majority of the attempts will come from non-state players. Although they do not possess the skills and extensive funding to create sophisticated weapons, they can challenge the stability of networks by performing a significant number of different types of attacks and intrusions. Even low end hackers without sophisticated skills can use a black market of cyber crime services and goods such as “zero day vulnerabilities” (previously undisclosed security holes in software), which can be used for infiltration of CI systems.

Additionally, non-state players create well organised and structured criminal gangs, possibly comprising thousands of individuals around the world, who are more effective due to the synergy effect.

States are able to develop sophisticated cyber-weapons but they will use them sparingly so as not to disclose their capabilities. The risk that advanced cyber-warfare capabilities will be developed or acquired by unsophisticated hackers or terrorists should be regarded as low, but cannot be disregarded.

Power grids are cheap to attack, and it should be expected that they will remain a primary warfare target. Attacks against energy infrastructure already make 60% of all the attacks against CI. It is also the sector that, should it be affected, will most likely trigger a cascade of negative effects to other sectors.

For more details: 

https://www.facebook.com/NATOarwSCfCI?fref=photo





Conference Presentation: Cyber Security in the Energy Sector

Roger Brunt CBE, member of the project Steering Committee and former director of the Office for Civil Nuclear Security, speaks on "Cyber and Nuclear Security" at an event on Cyber Security in the Energy Sector organized by the Energy Studies Institute, National University of Singapore.


Full conference programme here:


http://www.esi.nus.edu.sg/eventitem/2014/10/31/default-calendar/cyber-security-in-the-energy-sector