Batten down the hatches

Recent cyberattacks and exploits of vulnerabilities have had a profound impact on critical infrastructure and are worth studying to secure systems against future attacks 

Critical infrastructure systems like those driving power generation, water treatment, electricity production and other platforms are interconnected to form the energy “grid”. Although beneficial to the public, this grid is vulnerable to cyber-attacks by “hacktivists” or terrorists. Critical infrastructure, like power generation and distribution, is becoming more complex and reliant on networks of connected devices. Just decades ago, power grids and other critical infrastructure operated in isolation. Now they are far more interconnected, both in terms of geography and across sectors.  

Recent years have seen growing concern about the vulnerability of industrial control systems (ICS), which are used to monitor or control processes in industrial and manufacturing sectors. An attack against an ICS could result in physical damage, such as a fire or explosion, as well as business interruption, says Nigel Pearson, Global Head of Fidelity, AGCS. “A number of ICS still used by manufacturing and utilities companies today were designed at a time before cyber security became a priority issue,” he explains.

In addition, ICS are also vulnerable to both technical failure and operator error as well, which can be much more frequent and severe in terms of impact and are often not captured in cyber reports, adds Georgi Pachov, Global Practice Group Leader Cyber, CUO Property AGCS.

While ICS are a particular issue for the energy sector, similar cyber-related physical damage and business interruption risks exist in other industries. For example, car manufacturing plants rely on robots to make and assemble vehicles. Should a robot be hacked or suffer a technical fault, a production line could be interrupted for hours or days, at a potential cost of tens of millions of dollars per day. And the potential cost of damages could be even higher from an incident involving security-sensitive facilities such as nuclear power plants, laboratories, water suppliers or large hospitals. 

The time to secure critical infrastructure is now. Security Buyer catches up with Maher Jadallah, Senior Director Middle East & North Africa, Tenable to find out why. 

Cyberattacks have been grabbing headlines across the Middle East for all the wrong reasons in recent years. Help AG’s Middle East-focused ‘State of the Market Report 2021’ revealed: DDoS attacks have become the norm with a 183% increase in the UAE alone; ransomware incidents were on the rise due to a high rate of success; VPNs were attacked monthly as work from home continued; over 18,343 vulnerabilities were identified per the NIST National Vulnerability Database (NVD). Unfortunately, the increase in attacks isn’t limited to just the Middle East.  

What is the current landscape of critical infrastructure? 

In the United States, the 2021 Colonial Pipeline ransomware attack showcased how the surge in vulnerabilities in IT systems can severely impact operations, and the US economy at large. The attack is a stark reminder for Middle Eastern organisations to protect their critical infrastructure or risk a similar fate. 

Globally, to automate workflows and find efficiencies, organisations are investing in Supervisory Control and Data Acquisition (SCADA) systems. According to the Middle East SCADA Market 2021-2027 report by Research and Markets, the market will reach US$2.68bn by 2027. Operational technology (OT) systems like SCADA offer a number of benefits to businesses but the process of securing them can have an impact on operations. Despite this, they absolutely must be secured against cyberattacks. 

Generally speaking, IT and OT systems have common touch points, however each faces a diverse set of challenges. With OT systems, patching vulnerabilities can be challenging because small errors can shut down entire plants and facilities, resulting in loss of time and money. Challenges also arise here because, often, OT involves legacy systems that require specialised knowledge, the absence of which makes working with these systems complicated. 

That said, securing these systems is a must because the impact cyberattacks can have on critical infrastructure and the supply chain will be far more challenging and costly to recover from. 

Are these cyberattacks a modern precedent?  

Attacks against critical infrastructure are not a modern age reality, the first attacks in the 1960s involved phone hacking mechanisms exploiting public phone systems.

To read the full exclusive see our latest issue here.

Never miss a story… Follow us on:
LinkedIn Security Buyer
Twitter logo @SecurityBuyer
Facebook @Secbuyer

Media Contact
Rebecca Morpeth Spayne,
Editor, Security Portfolio
Tel: +44 (0) 1622 823 922
Email: [email protected]

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

Dallmeier - securitybuyer.com

Dallmeier presents the MK4 revision of the DMS 2400

With the new MK4 revision of the DMS 2400, Dallmeier introduces an even more powerful version of its proven video appliance.
security Institute - securitybuyer.com

Security Institute Announces New Directors

The Security Institute held its Annual General Meeting (AGM) on the 8th of July at the Millennium Hotel & Conference Centre…
ASSA ABLOY - securitybuyer.com

BG100 Speedgate Recognised with Red Dot Award

Combining an Aesthetically Appealing Design, Function and Innovation, the BG100 Speedgate Sets New Benchmark for …
Product Spotlight - Videx - securitybuyer.com

Product Spotlight – Era Series

VIDEX presents its new series of outdoor compact video door entry systems, Era Series, and showcases their durability, configuration…
Security Institute - SecurityBuyer.com

The Security Institute Hosts Second Young People’s Skill Building

The Security Institute was honoured to host its second annual Young People’s Skill Building Event on Monday 23rd June, held …
Hanwha Vision - Security Buyer

Hanwha Vision unveils powerful AI remote-head camera

Hanwha Vision, the global vision solution provider, launches the AI remote-head camera, featuring a single-body…
Christina Alexander Judge - SecurityBuyer

Christina Alexander Announced as Security Buyer Awards Judge

Security Buyer is proud to announce Christina Alexander as the latest addition to the distinguished judging panel for the Security…
Milestone - SecurityBuyer

Milestone Systems updates across XProtect, BriefCam, Arcules

Milestone Systems today announced updates across its complete security technology portfolio with releases for XProtect
Big Interview Abdullah Tanoli

Big Interview – Hero of Leicester Square

Rebecca Spayne of Security Buyer has the privilege of speaking with a real-life hero, Abdullah Tanoli, the hero of Leicester Square..
Altronix - SecurityBuyer

Altronix POE367 Delivers 277VAC Support

Altronix has expanded its power product line with the new POE367 power supply/charger designed specifically for 277VAC input environments.
Scroll to Top