Critical Infrastructure: Control Systems and the Terrorist Threat

Abstract

Much of the U.S. critical infrastructure is potentially vulnerable to cyber-attack. Industrial control computer systems involved in this infrastructure are specific points of vulnerability, as cyber-security for these systems has not been previously perceived as a high priority. Industry sectors potentially affected by a cyber-attack on process control systems include the electrical, telephone, water, chemical, and energy sectors. The federal government has issued warnings regarding increases in terrorist interest in the cyber-security of industrial control systems, citing international terrorist organization interest in critical infrastructure and increases in cyber-attacks on critical infrastructure computer systems. The potential consequences of a successful cyber-attack on critical infrastructure industrial control systems could be high and range from a temporary loss of service to catastrophic infrastructure failure affecting multiple states for an extended duration. The National Strategy for Securing Cyberspace, released in February 2003, contains a number of suggestions regarding security measures for control systems. A focus on the further integration of public/private partnerships and information sharing is described, along with suggestions that standards for securing control systems be developed and implemented. The Homeland Security Act of 2002 (P.L. 107-296) conglomerated several federal entities that play a role in cyber-security of control systems into the Department of Homeland Security. These entities include the Critical Infrastructure Assurance Office, the National Infrastructure Protection Center, the National Infrastructure Simulation and Analysis Center, and parts of the Department of Energy's Office of Energy Assurance. Additionally, the Homeland Security Act of 2002 created a new class of information, critical infrastructure information, which can be withheld from the public by the federal government.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jul 14, 2003
Accession Number
ADA480245

Entities

People

  • Dana A. Shea

Organizations

  • Library of Congress

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Commerce
  • Computer Network Security
  • Control Systems
  • Cyberattacks
  • Cybersecurity
  • Cyberterrorism
  • Governments
  • Homeland Security
  • Industrial Control Systems
  • Information Security
  • Information Systems
  • Infrastructure
  • Intrusion Detection
  • National Governments
  • Natural Gas
  • Reliability
  • Terrorists

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Government and Public Administration Law.

Technology Areas

  • Cyber