chungking - Fotolia

2018 could be year of critical infrastructure attacks, says report

The coming year is likely to see an increase in the number of cyber attacks on critical national infrastructure (CNI), according to a report based on experts’ forecasts

While 2017 was a year of “electoral hacking” and an intense information war aimed at shaping the recipients’ viewpoint, the latest cyber security report by The Kosciuszko Institute predicts that 2018 could be a year of cyber attacks on critical infrastructure.

This trend will challenge the fundamental values of openness and freedom that underlie the internet, according to Marina Kaljurand, chair of the Global Commission on the Stability of Cyberspace and former Estonian minister of foreign affairs.

Paul Timmers, an academic at Oxford University and former director of the European Commission’s Sustainable & Secure Society Directorate, notes that attacks on systems that are crucial for the functioning of the state and society, including logistics, health and energy, date from 2016.

Timmers believes the risk of attacks in 2018 may spread to other sectors of the economy, such as transport. An important element of the potential incidents, he said, will be their predicted international and cross-sector nature, which creates a dire need for cooperation between international organisations, governments and companies.

“This state of affairs brings economic challenges related to the current lack of experts in cyber security, and the fact that digitisation blurs the border between sectors, makes cooperation all the more important,” he said.

However, the increased number of attacks on critical infrastructure will not reduce the extent of information war, the report said.

Disinformation campaigns

According to Wiesław Goździewicz, legal adviser to the Nato Joint Force Training Centre, disinformation campaigns will continue to be an important part of hybrid conflicts.

“Massive disinformation campaigns, often conducted with the use of botnets created to produce social media messaging via fake, spoofed or taken over accounts, will continue to occur to create false perception or at least influence the perception of selected groups or societies, to draw public opinion’s attention away from the actual aims of state and non-state actors engaged in hybrid activities,” he said.

Liisa Past, chief research officer at the cyber security branch of the Estonian Information System Authority, predicts a similar threat. According to Past, 2018 will challenge governments and bodies responsible for the cyber security of electoral processes in terms of the ability to respond to potential threats.

“This concerns the bodies responsible for organising elections, as well as the parties and candidates who use business or private devices themselves, and even if 2018 does not affect the key electoral processes in EU member states, we should still focus on the future and prepare for the 2019 elections to the European Parliament,” she said.  

Securing critical infrastructure

Serious attacks on critical infrastructure is related to an increasing activity of states, the report said, with experts anticipating countries such as Russia or North Korea to become even more active.

According to Pauline Neville-Jones, a member of the UK House of Lords and a former member of the UK National Security Council, these countries will attempt to harm democratic societies by disrupting their functioning and national unity.

“This is especially dangerous because democratic societies are driving towards an increasing dependency on ICT systems without properly securing them first against incidents,” she said.

Dean Valore, attorney at Law, Valore & Gordill and former assistant US attorney for the Department of Justice, believes the risk from North Korea will grow with the increasing political tension in the region.

“A Korean cyber attack could aim for large-scale disruptions to infrastructure,” he said. “The potential threats from nation states force us to build a deterrence strategy that would be based on the ability to attribute responsibility for particular events.

“Liisa Past suggests that 2018 will challenge this very ability, which is why we should expand the potential (technological, political as well as legal) required to detect attackers,” he said.

Ideological divide

Sean Kanuck, director of future conflict and cyber security at the International Institute for Strategic Studies and formerly the first US national intelligence officer for Cyber Issues, predicts a period of an intense use of sanctions as a diplomatic tool against entities that undertake offensive actions in the cyber space.

The growing likelihood of ever-escalating conflicts in the cyber space makes it necessary to address standards of operation in the digital space, the report said.

Goździewicz believes there is a need to enable a successful collaboration in this respect, saying that it is imperative to address issues such as new and existing threats, strengthening abilities, skills and trust, creating recommendations for the implementation of standards, legal acts and rules of responsible national conduct, and the application of international law in IT and communication.

The lack of consensus in the UN, he said, indicates an extensive, deepening divide between the viewpoints typical for the Western bloc and countries such as China and Russia.

According to Kaljurand, such a clear division in ideologies, makes it all the more necessary for Western bloc countries to focus on expanding collaboration.

Protecing intellectual property and cryptocurrencies

Another trend predicted for 2018 is continued activity on the part of cyber criminals. Goździewicz suggests that criminal groups will still be one step ahead of security specialists in this “arms race”.

Liisa Past highlights the collaboration between cyber criminals and nation states, underlining that proxies will continue to be employed in 2018 to achieve political goals.

Valore warns that the more cryptocurrencies gain in value, the more criminals are going to consider stealing them. “Preventing the theft of cryptocurrency remains a priority for the US Department of Justice, especially since criminal groups from North Africa, Russia and the Balkans shows no sign of declining,” he said.

Timmers said another area that is particularly vulnerable to cyber theft is intellectual property. “Continued intervention is required by the public sector, which should designate more funds for research programmes to strengthen the abilities that can prevent this type of crime,” he said.

According to Timmers, the protection of intellectual property on an international scale will be one of the areas in which there will be development of cyber security policies. “Wherever the activity of states is lacking, industry, especially the automotive and energy sectors, will increase its engagement in global cooperation,” he said.

Informing future security standards

Timmers also believes Europe is going to become a reference point for information security standards and other policies related to cyber security.

Joanna Świątkowska, programme director of the European Cybersecurity Forum, predicts that 2018 will see the implementation and further development of EU policies.

“We can expect a heated debate on the solutions that have been proposed as part of the EU Cybersecurity Package. Certification is going to be a particularly interesting subject,” she said.

According to Świątkowska, the EU’s Network and Information Systems (NIS) Directive and General Data Protection Regulation (GPDR) will significantly change the cyber security landscape in Europe from 2018.

In addition to EU’s activity in cyber security, the report by The Kosciuszko Institute said Nato is expected to take decisive steps in 2018.

The Polish think tank believes that the decisions made during a meeting of the North Atlantic Council at the level of Ministers of Defence, which took place on 8 November 2017, indicate that a Nato Centre for Cybernetic Operations will be established as part of the Allied Command Operations.

“A doctrine for cybernetic operations is going to be adopted soon, as well. Its aim is to regulate political and operational control over national cyber abilities that will be shared voluntarily to support allied activity,” the report said.

Goździewicz said the ongoing restructuration in Nato command creates an opportunity to include a cyber cell in the remodelled Supreme Headquarters Allied Powers Europe and the relevant bodies in Allied Joint Force Commands.

“Military cyber abilities are also being strengthened by operations undertaken on the level of nation states,” he said.

Read more about critical infrastructure security

  • US warns of cyber attacks on critical infrastructure.
  • UK critical infrastructure skipping security checks.
  • Airbus helps drive critical infrastructure cyber security.
  • Europe not ready for imminent cyber strikes, say infosec professionals.

Read more on Hackers and cybercrime prevention

Data Center
Data Management