Critical infrastructure has been one of the primary targets for cyber attacks in the U.S. for several years, but most people don’t understand the definition of critical infrastructure. Critical infrastructure are those things that sustain our way of life, like energy systems, healthcare, emergency services such as police and fire, as well as our transportation networks.
These sectors provide essential services that underpin American society and sustain the American way of life.
The first confirmed case of a cyber attack on critical infrastructure occurred on Nov. 8, 2011, in central Illinois. The attackers obtained access to the network of a water utility with credentials stolen from a company that makes software used to control industrial systems. Little damage was done but the incident highlighted the need to secure our critical infrastructure.
One of the issues with our current infrastructure systems is they were built for reliability and stability rather than security. Traditional enterprise IT security was ill-equipped to deal with these systems. Once an advanced attacker was in a system, they could have gone undetected for over a year! But strides have been made and the Department of Homeland Security is leading the effort to make our critical infrastructure more secure.
Individuals can do their part at home, at work, and in their local communities by being prepared for all hazards, reporting suspicious activities, and learning more about critical infrastructure security and resilience from the Department of Homeland Security website. To report suspicious activity, contact your local law enforcement agency. Describe specifically what you observed, including who or what you saw, when you saw it, where it occurred, and why it's suspicious. If there is an emergency, call 9-1-1.