Cybersecurity/Trust
August 15, 2019

How to protect vulnerable infrastructure from cyberattack

by ITU News

The 2019 school term has begun in Houston County School District in Dothan, Alabama, but there are no students in the classrooms. The district’s 6,400 students are enjoying an extended summer break thanks to a malware attack on the school’s computer network.

This is not an isolated incident; last month, a state of emergency was declared in Louisiana: a computer virus had disabled the IT network in three school districts across the state. Schools in upstate New York, Florida and Massachusetts have also experienced crippling cyberattacks in the past 18 months.

With out-of-date security systems and limited resources, schools are rapidly becoming a favourite target for hackers, reports the New York Times.

The number, severity, and diversity of cyber threats and attacks have increased in recent years. And this trend shows no sign of slowing down.

But schools’ security systems are not the only ones being tested. Destructive malware attacks targeting infrastructure and government facilities globally in the first six months of 2019 had reportedly grown by 200% over the previous six months, according to a new report from IBM’s X-Force Incident Response and Intelligence Services (IRIS) team.

The number, severity, and diversity of cyber threats and attacks have increased in recent years. And this trend shows no sign of slowing down; the average cost of cybercrime for a company was US$13 million in 2018 – a 72 percent increase in the last five years, according to Accenture.

A growing and global issue: ITU’s role

As security systems worldwide continue to be tested for their resilience, the need for strengthened and coordinated response to improve cybersecurity has never been greater.

Complex industrial environments such as the energy sector, manufacturing and others are usually underpinned by ICT systems which enables better management and increased productivity, but many of these systems are not designed with security in mind.

In a world where everything depends on technology, a cyberattack on these critical infrastructures could have catastrophic consequences in the physical world.

A city-wide power outage, for example, would affect hospitals and other emergency services, public transport would shut down, and food distribution chains would quickly break down.

No single entity or organization can address the whole range of current and emerging challenges brought about by cyberspace alone.

As the UN agency for technology, ITU is able to convene world and industry leaders, as well as technology experts and academia to facilitate meaningful global dialogue on cybersecurity related issues.

As security systems worldwide continue to be tested for their resilience, the need for strengthened and coordinated response to improve cybersecurity has never been greater.

Cybersecurity requires both preventive and reactive measures as well as the deployment of capabilities to proactively manage the risks. Working across three main sectors – Radiocommunication, Standardization and Development – ITU assists Member States in defining a national strategy on cybersecurity, conducts hands-on exercises and training workshops, develops programs for child online protection, and assists in the establishment of national computer incident response teams (CIRTs) – among a host of other activities.

Cooperation:

The Global Cybersecurity Agenda (GCA) is an international framework for cooperation in cybersecurity. It is built on 5 strategic work areas – Legal Measures, Technical & Procedural Measures, Organizational Structures, Capacity Building, and International Cooperation – which have shaped ITU’s work up to present day.

Standardization:

ITU’s technical study groups bring global stakeholders together to work on ICT security-related standards for both existing and new technologies; to date, ITU-T SG17 has developed more than 200 technical recommendations. This facilitates the interoperability of new products and services from the early design stage, which enables the wider adoption of cybersecurity practises and related protocols.

Measurement:

The third edition of the Global Cybersecurity Index was published earlier this year. It combines data from 194 countries, measuring their commitment in cybersecurity and helping them to identify areas for improvement.

Incident response:

ITU has conducted over 80 CIRT readiness assessments and successfully executed 13 CIRT project implementations. Establishment of five national CIRTs are expected to be completed by the end of 2019.

Cyber drills:

In recent years ITU has conducted 25 regional and national Cyber Drills involving participants from more than 100 countries to further improve the operations of national incident response teams, and maintain and strengthen national and international cooperation for continued collective effort against cyber threats.

Guide to Developing a National Cybersecurity Strategy:

A comprehensive, one-stop resource, produced in partnership with international organizations, industry players and the research community, for countries to gain a clear understanding of the purpose and content of a national cybersecurity strategy, and actionable guidance for how to develop and implement one of their own.

Learn more about ITU’s cybersecurity activities here.

  • Was this article Helpful ?
  • yes   no
© International Telecommunication Union 1865-2018 All Rights Reserved.
ITU is the United Nations' specialized agency for information and communication technology. Any opinions expressed and statistics presented by third parties do not necessarily reflect the views of ITU.

How to protect vulnerable infrastructure from cyberattack

Send this to a friend