Critical Infrastructures and Public Administrations

This post was written by Barbara Lunel, Project Manager at CSI-Piemonte.

Piemonte (Italy), May 16th

Last year was the worst ever recorded for cybersecurity, with significant impacts on victims in terms of economic and reputational damage as well as disclosure of sensitive data.

Cybercrime and cyberwarfare attacks reached their highest level in the last 6 years; in the last year in particular they tripled.

The vulnerability of IT systems has been globally recognized. Citizens, businesses and governments face an increasing number of attacks that are more and more difficult to counter. Public Administration has become an increasingly relevant target for such attacks from both individuals and organizations.

"From the moment that a vulnerability is made public there are no more than a few hours before an attack begins to exploit it"

CSI-Piemonte is no exception: it sustained an increasing number of attack attempts in 2016, reaching a peak of 150,000 per day, with an average of 100,000 directed at Public Administration web services. These attempts, which typically employ techniques ranging from SQL injection to cross-site scripting, with an increasing number of custody attacks targeting the middleware, have been successfully held back thanks to proper technical countermeasures and actions, yet this clearly indicates the degree of the threat.

Phishing and social engineering, which target victims' minds and saw a 116% increase, together with malware, including so-called ransomware, are the most common attack techniques. Ransomware alone can have a tremendous impact in shared data environments.

If we cannot eliminate cybersecurity risks, our protection cannot rely on purely technical measures. Instead, the real first step is increasing user awareness, which leads users to adopt and embrace the right security policies. This alone can enormously reduce the risks. The question is not if we will be attacked but when, and by then we had better be ready.

In this scenario of increasing attacks on Public Administration, Critical Infrastructures have seen a 15% rise across Europe. The consequences of such attacks are easy to understand.

Furthermore, where data and services are shared between Public Administration and private partners, it is necessary to clearly define roles and responsibilities in the security management of the solution. In this regard, CIPSEC will have a specific service for contingency plans to be used in emergencies.

In a heavily interconnected scenario like the one CSI is managing, the impact of an attack could often propagate from a web service to critical infrastructure data, so extreme care must be taken to protect the system as a whole. As a matter of fact, CSI manages several kinds of data, including sensitive ones such as health and tax data, for different levels of administration: national, regional, provincial and local. In this scenario, an intrusion on the air quality data network could propagate and affect these data or, for instance, the City of Turin registry service, resulting in a huge service failure affecting hundreds of citizens.

It would therefore be necessary to employ process design and planning based on the security-by-design principle, especially for essential services such as energy, transport, health, finance, cloud services, e-commerce and search engines, for which resilience is a key factor.

CIPSEC project results receive funding from the European Union’s Horizon 2020 Research and Innovation Programme, under Grant Agreement no 700378.
The opinions expressed and arguments employed in this publication do not necessarily reflect the official views of the Research Executive Agency (REA) nor the European Commission.