Power supply, public health system, disaster control, or public administration – ubiquitous computerization makes any of the infrastructures that are vital for our daily lives vulnerable to cyberattacks that can completely paralyze their operations. This warning was issued by German, French, and Swiss security experts from research, politics, economy, and the police who met at Karlsruhe Institute of Technology (KIT) last week.
The experts stressed that creating more security requires an effort of the society as a whole. Under the tri-national SERIOR project (www.serior.eu), the experts jointly investigate ways to protect the vital infrastructures in the Upper Rhine region against attacks from the Internet.
Cyber criminals are a threat not only to organizations that are generally recognized as being crucially dependent on information technology, such as communication companies, stock exchanges, media, or railway companies, but also to infrastructures that are very basic and simple at first sight, such as drinking water supply and sewage systems, the scientists warn. On the occasion of their conference on Thursday, July 4, the researchers pointed out that ensuring the protection of these infrastructures is a key task of national and entrepreneurial risk management and a central topic of Germany’s security policy. “The protection of critical infrastructures is incumbent on society as a whole, a task that requires coordinated action backed by all responsible players – government, economy, and the public.”
Although cyberattacks are hardly predictable – as the most recent incidents such as the “WannaCry” ransomware assault showed – risk management in institutions, companies, and other organizations must not be restricted to reacting to an incident, the experts demand. They criticize that countermeasures are only taken after harm has been done.
However, there is an urgent need for action: The threat presented by cyber criminals will increase even more in the future, the experts for IT security participating in the event emphasize. Due to increased task sharing among cyber criminals and the fact that hacking services have gone commercial, individual hacker skills are hardly required to operate an effective cyber offensive. The Baden-Württemberg State Office of Criminal Investigation stated that a fully-fledged industry has developed whose turnover figures already exceed those generated in the international drug traffic.
The computer systems employed for controlling critical infrastructures are becoming increasingly complex. This, however, does not result in more, but rather in less security, the experts believe. They assert that securing less complex systems is by far easier and more promising. Cost and efficiency considerations result in more and more infrastructures being controlled from a central location. This is a problem because a successful attack will have dramatic consequences for the entire infrastructure.
The security experts unanimously complain about the lack of awareness on the part of the users as regards the risks incurred by insufficient cyber security. People must be wised up more efficiently, but also be made accountable. Security is not for free: It costs money and/or might interfere with people’s privacy.
Besides KIT, the Albert-Ludwigs University of Freiburg, the Université de Haute-Alsace, the Université de Strasbourg, and the University of Basel participate in the SERIOR project. This means that all five Eucor – The European Campus members are on board. Other partners include the University of Koblenz-Landau, the Karlsruhe Criminal Investigation Department, the Baden-Württemberg State Office of Criminal Investigation, the Federal Waterways Engineering and Research Institute, the VICCON GmbH (Ettlingen), the LOCOM Gmbh (Karlsruhe), and the Karlsruhe Transport Company (VBK).
SERIOR is funded by the European Regional Development Fund (EFRE), the Swiss Confederation, and the Basel-Stadt and Basel-Landschaft cantons.
Being “The Research University in the Helmholtz Association”, KIT creates and imparts knowledge for the society and the environment. It is the objective to make significant contributions to the global challenges in the fields of energy, mobility, and information. For this, about 9,600 employees cooperate in a broad range of disciplines in natural sciences, engineering sciences, economics, and the humanities and social sciences. KIT prepares its 23,300 students for responsible tasks in society, industry, and science by offering research-based study programs. Innovation efforts at KIT build a bridge between important scientific findings and their application for the benefit of society, economic prosperity, and the preservation of our natural basis of life. KIT is one of the German universities of excellence.