Proceedings magazine is a communication tool for the Coast Guard's Marine Safety & Security Council. Each quarterly magazine focuses on a specific theme of interest to the marine industry.
Issue link: http://uscgproceedings.epubxp.com/i/436751
42 Proceedings Winter 2014 – 2015 www.uscg.mil/proceedings 2 Terrorists: Although terrorists, whose goal is to spread terror through the population, intend to damage U.S. interests, traditional terrorists are less developed in their cyber capabilities than are other adversaries. Therefore, terrorists are not likely to pose more than a limited cyber threat. 3 Industrial spies and organized crime groups: Inter- national corporate crime organizations pose a medium threat, as they can conduct industrial espionage, large- scale theft, and can hire and/or develop hacker talent. Their goals are typically proft-based and can include trade secret theft, attacks on competitors' infrastructure, and blackmailing affected industry regarding exposure threats. 4 Hactivists: This group is a small population of politi- cally active hackers and includes individuals with anti- U.S. motives. They pose a medium threat of an isolated, but damaging attack. Their goal is to support their polit- ical agenda. 5 Hackers: Fortunately, hackers pose a negligible threat of widespread, long-duration damage to national infra- structure. Most hackers do not have the level of skill required to threaten U.S. critical networks and fewer have the motive to do so. However, because of the large population of hackers, the threat of isolated or brief dis- ruption causing serious damage, including property damage or loss of life, is relatively high. However, with the growing number of skilled and malicious hackers, the likelihood of successful attack continually increases. Vulnerabilities and Consequences Since information technology has become the backbone of modern business and infrastructure, careful assessments of vulnerabilities and consequences of cyber attacks should be top priority. The Brookings Institute published a policy Imagine a maritime-based cyber attack causing kinetic effects or physical damage. In a worst-case scenario, such an attack could cause fnancial loss, terminal and/or port shutdowns, economic disaster, environmental catastrophes, and even loss of life. Unfortunately, all of these consequences are possible and can certainly result from a large-scale cyber attack. So, to assess the probability of a cyber incident directed at any par- ticular maritime industry component, we must frst assess the risk of the incident. Cyber risk is commonly approached as having three compo- nents, expressed algebraically as: Cyber Risk = Threat × Vulnerability × Consequence 1 Based on this defnition of risk, if it were possible to elimi- nate any dimension completely, the resulting risk would also be completely eliminated. No vulnerability would mean there is no risk, despite the existence of a strong threat and severe consequence. Unfortunately, the likelihood of entirely removing any one dimension is marginal, if not impossible. Cyber Threat Sources According to the Industrial Control Systems Cyber Emer- gency Response Team, threat sources can be grouped into fve main categories: 2 1 National governments: National cyber warfare pro- grams are unique and pose a threat to all U.S. interests. Among the current array of cyber threats, government- sponsored programs are capable of widespread, long- duration critical infrastructure damage. Unfortunately, some nation-states have the resources and commitment necessary for an attack to critical infrastructure. Their goal is to weaken, disrupt, or destroy the U.S. Maritime Critical Infrastructure Cyber Risk Threats, vulnerabilities, and consequences. by lCDR MaRshall e. neWBeRRy Inspections and Investigations Branch U.S. Coast Guard 11th District Cybersecurity of Maritime Critical Infrastructure