Power supply, public health system, disaster control, or public administration – ubiquitous computerization makes any of the infrastructures that are vital for our daily lives vulnerable to cyberattacks that can completely paralyze their operations. This warning was issued by German, French, and Swiss security experts from research, politics, economy, and the police who met at Karlsruhe Institute of Technology (KIT) last week.
The experts stressed that creating more security requires an effort of the society as a whole. Under the tri-national SERIOR project (www.serior.eu), the experts jointly investigate ways to protect the vital infrastructures in the Upper Rhine region against attacks from the Internet.
Cyber criminals are a threat not only to organizations that are generally recognized as being crucially dependent on information technology, such as communication companies, stock exchanges, media, or railway companies, but also to infrastructures that are very basic and simple at first sight, such as drinking water supply and sewage systems, the scientists warn. On the occasion of their conference on Thursday, July 4, the researchers pointed out that ensuring the protection of these infrastructures is a key task of national and entrepreneurial risk management and a central topic of Germany’s security policy. “The protection of critical infrastructures is incumbent on society as a whole, a task that requires coordinated action backed by all responsible players – government, economy, and the public.”
Although cyberattacks are hardly predictable – as the most recent incidents such as the “WannaCry” ransomware assault showed – risk management in institutions, companies, and other organizations must not be restricted to reacting to an incident, the experts demand. They criticize that countermeasures are only taken after harm has been done.
However, there is an urgent need for action: The threat presented by cyber criminals will increase even more in the future, the experts for IT security participating in the event emphasize. Due to increased task sharing among cyber criminals and the fact that hacking services have gone commercial, individual hacker skills are hardly required to operate an effective cyber offensive. The Baden-Württemberg State Office of Criminal Investigation stated that a fully-fledged industry has developed whose turnover figures already exceed those generated in the international drug traffic.
The computer systems employed for controlling critical infrastructures are becoming increasingly complex. This, however, does not result in more, but rather in less security, the experts believe. They assert that securing less complex systems is by far easier and more promising. Cost and efficiency considerations result in more and more infrastructures being controlled from a central location. This is a problem because a successful attack will have dramatic consequences for the entire infrastructure.
The security experts unanimously complain about the lack of awareness on the part of the users as regards the risks incurred by insufficient cyber security. People must be wised up more efficiently, but also be made accountable. Security is not for free: It costs money and/or might interfere with people’s privacy.
Besides KIT, the Albert-Ludwigs University of Freiburg, the Université de Haute-Alsace, the Université de Strasbourg, and the University of Basel participate in the SERIOR project. This means that all five Eucor – The European Campus members are on board. Other partners include the University of Koblenz-Landau, the Karlsruhe Criminal Investigation Department, the Baden-Württemberg State Office of Criminal Investigation, the Federal Waterways Engineering and Research Institute, the VICCON GmbH (Ettlingen), the LOCOM Gmbh (Karlsruhe), and the Karlsruhe Transport Company (VBK).
SERIOR is funded by the European Regional Development Fund (EFRE), the Swiss Confederation, and the Basel-Stadt and Basel-Landschaft cantons.
In close partnership with society, KIT develops solutions for urgent challenges – from climate change, energy transition and sustainable use of natural resources to artificial intelligence, sovereignty and an aging population. As The University in the Helmholtz Association, KIT unites scientific excellence from insight to application-driven research under one roof – and is thus in a unique position to drive this transformation. As a University of Excellence, KIT offers its more than 10,000 employees and 22,800 students outstanding opportunities to shape a sustainable and resilient future. KIT – Science for Impact.