President Trump’s advisers have warned of an impending 9/11-style attack on the nation’s critical infrastructure and called for “direction and leadership to dramatically reduce cyber risks.”
The National Infrastructure Advisory Council (NIAC) was commissioned by the National Security Council (NSC) to review over 140 federal “capabilities and authorities” in order to evaluate what needs to be done to secure infrastructure against targeted attacks.
The resulting report out this week claimed that although both government and private sector have “tremendous” resources to defend critical systems from attack, they’re not properly organized, harnessed or focused.
It added:
The challenges the NIAC identified are well-known and reflected in study after study. There is a narrow and fleeting window of opportunity before a watershed, 9/11-level cyber-attack to organize effectively and take bold action. We call on the Administration to use this moment of foresight to take bold, decisive actions.”
Specifically, these recommendations include establishing separate, secure networks for critical infrastructure (CNI), including “dark fiber” networks for critical control system traffic and reserved spectrum for backup communications during emergencies.
Information sharing is also high on the wish list: the report calls for a pilot of M2M info-sharing technologies, and the rapid declassification and proactive sharing of threat intelligence with CNI operators.
That’s not all. The report recommends best-in-class scanning tools and assessment practices; a public-private expert exchange program to strengthen IT professionals’ skill sets and a streamlining of the security clearance process for CNI owners.
The NIAC also wants “limited time, outcome-based market incentives” to encourage CNI owners to invest in state-of-the-art technologies.
An operational task force is required comprising experts in government alongside electricity, finance and communications sectors to take decisive action, it added.
The White House National Security Adviser should review these recommendations and chart a path forward, it concluded.
Although there have been precious few attacks on US CNI over the years – aside from an alleged Iranian attack on a New York dam – the warning signs are that hostile states increasingly have the capabilities to launch one.
Most experts point to the sophisticated Kremlin-linked attacks on Ukrainian power stations in December 2015 and 2016, which led to widespread outages in the country.