CYBER SAFE

FROM EMAIL TO EMERGENCY

Emails and hyperlinks embedded with computer viruses, malware and ransomware are an established method to extract money, steal data or exert power over people, com- panies and governments. However, such attacks are increasingly sophisticated. Take “spear phishing,” for example, which targets specific individuals in crucial jobs.

Returning to the example employee above: they received a bespoke email because they were in charge of a critical part of the electricity supply grid. When they opened the link in the email, the malware remotely switched off key parts of a par- ticular power station, handing the attackers some control over the grid.

During the power outage, the company’s call center is inundated with complaints from the public, enabling the company to monitor the extent of the outage. However, all is not as it seems – the attackers are flooding the company’s phone lines, so it takes hours to disentangle the scale of the attack. Mean- while, the country’s infrastructure, from transport to trade, is hugely disrupted.

BUILDING RESILIENCE

Developers now add layers of security that ensure against one individual making a mis- take. For instance, now it would be rare for one person to have the security keys for a whole power station held on their company computer. The system should impose layered decisions that requires multiple people to access a specific controlling element.

Developers are building backup solutions to ensure continuity during an attack, keeping key elements of infrastructure running locally while the attack is neutralized. One such solution is using microgrids, about which Konstantinou is a leading expert.

“Microgrids act like ‘islands’ in a storm – they provide and maintain local supply on an isolated system to keep power and communications running in the event of an attack on the main systems,” explains Konstantinou. “Microgrids can disconnect from the main power grid and operate indepen- dently. This is essential for hospitals, as they need a constant source of power to operate life-saving equipment.”

Microgrids are valuable in remote settings or in regions prone to natural disasters. In the event of an outage, the hospital microgrid would still run until the main grid is restored.

ATTACKS THAT RISK LIVES

Most industrial processes are now operated by computers and are vulnerable to cyberattacks that could risk human lives. An example is an attack that directly targets the programmable logic controllers (PLC) that are used in industrial systems to control specific processes, such as safe salinity levels in drinking water. An attack that interferes with that PLC in a water treatment plant is a risk to public health.

In industrial plants, such as petrochemical and power-generation plants, PLCs are used to control various processes and equipment, and can be programmed to detect faults, abnormal conditions or safety hazards. They can trigger appropriate emergency responses, such as activating alarms, shutting down equipment or initiating safety protocols. Under a cyberattack on the PLC, the emergency system, for example, might not work, damaging equipment as well as risking lives both inside and outside the plant. Meanwhile, a cyberattack that knocks out energy supplies even just two or three power stations can quickly ripple out- wards to cause problems across a nation’s networks, including transportation, industry and ultimately the whole economy.

The energy sector in Saudi Arabia is a prime target. The country is one of the top oil producing countries globally. It is also looking to become a world-leader in green energy, with an ambitious plan to generate 50 per- cent of electricity from renewables by 2030. Enhanced cybersecurity for both the renew- able and oil sectors in Saudi Arabia is vital.

“The rapid increase in renewable energy rollout in recent years has meant that consist- ent, robust cybersecurity measures have not been implemented in full,” says Konstantinou. “Enforcing standards and government regula- tory policies for the cybersecurity of renewables is still in the early stages, as is the case for the renewables industry across the world.”

There is an added element of risk stem- ming from solar panels on domestic buildings. In this case, the consumer of electricity is sometimes also a provider to the grid, or a “prosumer.” This means the cybersecurity layers have to flow both ways, protecting both consumers and providers.

SECURING BORDERS IN CYBERSPACE

Could the fictitious power company employ- ee’s innocent click have ramifications beyond their country and across the globe?

“Building secure barriers across national borders is a complex challenge,” says Kon- stantinou. “Channels must remain open to maintain a flow of data for international trade so the security needs to be built in. This ties into freedom of information and free speech, on which every country has dif- ferent laws and regulations.”

It is easier if governments are willing to cooperate, notes Konstantinou, because an open and secure system needs to have com- mon standards. Countries must also be willing to share threat details. Free flow of low-risk data should be allowed at all times, while sensitive data must be kept more secure.

“Transparency from the government to the public is vital. People need to trust that their personal data is handled in a secure way,” says Konstantinou.

FUTURE THREATS FROM AI

Lastly, we have to imagine an attack that learns from a target’s behavior and responses, then improves itself until it is far more danger- ous and challenging to detect. The use of arti- ficial intelligence in cyberattacks is increasing as AI technology advances further.

“AI is a double-edged sword,” says Konstantinou. “It opens doors to sophisticated security possibilities, but also means that attacks become ever more targeted and evasive, a rapidly evolving game of cat and mouse.”