As previously stated in my last blog post, I am by no means a security specialist but I have certainly spent my fair share of time talking to those that are.
I read an interesting article on the BBC about National Infrastructure attacks and the likelihood of them happening. On one side, there is the argument that much of the security business is drumming up business from a “scare” tactic. The other, is that yes, there is a strong chance of an “NI” attack but it would be more aligned towards the data and assets of whichever facility is targeted, rather than the doom and gloom apocalypse depicted by some.
To take down a large scale infrastructure environment would involve so many points of contact (both physical and digital) that it’s unlikely. It would involve a concerted effort from the attacker not to mention a very large bankroll to take it to a point where it would cause any “national” issues. So as the article says: Are we going to see planes dropping from the sky? – It certainly seems unlikely for now.
However, if you were to take the multiple facilities that build up the “National Infrastructure” and were to attack one or possibly two of them then that does seem plausible and achievable. Many people reference the STUXNET attack on the Iranian Nuclear Plant as evidence of how the attack would happen and how advanced the attacks/attackers are becoming. However, depending on which report or overview you believe, that kind of attack would need the financial backing and man hours of development that realistically only Governments (or their subsidiaries/contractors) could provide.
The general consensus seems to be that the attackers are more likely to target the Data stored within these facilities rather than the outright mission of closing them down.
Meanwhile…
Back in the humdrum world of recruitment where I have developed my knowledge to recognise the trends arising from key players in the Security Markets. What types of people are they recruiting for and what types of clients are they winning? This can give some insight into what is going on in a market that is shrouded in secrecy.
The clients I work with are definitely interested and taking note of people with the relevant skills within ICS/PLC/SCADA with a view of supporting their clients. From deep technical experience coming from a programming environment to a highly consultative specialists who can discuss the clients markets and the actions that should be considered/adopted. Companies working within these environments appear to be taking a pro-active initiative to ensure that Security is on their agenda.
So is the National Infrastructure really under attack?
Technically yes although it’s not quite the apocalypse just yet. Thank you for taking the time to read my blog I hope it has been useful, if you would like to find out more please contact Matthew Wheeler on 01628 857 333 or matthew.wheeler@bps-world.com