1 minute read
Challenging perceptions in the digital journey, cybersecurity, data privacy and upfront costs
As the infrastructure sector embraces digitalisation to accelerate decarbonisation efforts there are several challenges and barriers that need to be addressed. These challenges include concerns related to cybersecurity, data privacy and upfront costs which can hinder the widespread adoption of digital technologies despite their potential benefits.
One of the major concerns is cybersecurity which has become increasingly important as infrastructure systems become more interconnected and data-driven. Hackers can potentially gain access to critical infrastructure systems which could lead to significant disruptions, safety risks and even loss of life.
There have been several major examples of cybersecurity challenges that have resulted from the increasing digitalisation of the infrastructure sector. Here are some recent and notable examples:
Colonial Pipeline Cyberattack (2021): In May 2021 one of the largest fuel pipelines in the United States, the Colonial Pipeline, was targeted by a ransomware attack. The attack resulted in a shutdown of the pipeline for several days causing fuel shortages and price spikes in several states. The attackers gained access to the company’s IT systems through a compromised password and demanded a ransom to restore access. This incident highlighted the vulnerability of critical infrastructure systems to cyberattacks and the potential for significant disruptions to the energy supply chain.
SolarWinds Cyberattack (2020): In December 2020, it was discovered that a sophisticated cyberattack had been carried out against SolarWinds, a software company that provides IT management tools to numerous organisations, including many in the infrastructure sector. The attackers inserted malicious code into SolarWinds’ software updates which were then distributed to their customers, including government agencies and critical infrastructure providers. The attack resulted in unauthorised access to sensitive information from numerous organisations, including classified government data. This incident highlighted the supply chain risks associated with third-party software providers and the need for robust cybersecurity measures throughout the entire ecosystem.
Ukrainian Power Grid Cyberattacks (2015 and 2016): In December 2015 and December 2016, Ukraine’s power grid was targeted by cyberattacks that resulted in widespread power outages. The attackers gained access to the power distribution systems and used malware to disable critical infrastructure components causing extensive disruptions to electricity supply. These incidents were among the first known cases of cyberattacks causing physical damage to a country’s power grid, demonstrating the potential for cyber threats to impact critical infrastructure systems and disrupt essential services.