Timofey A. Saytarly
Homeland Security: National Critical Infrastructure Protection
Key sectors of modern society, including those vital to the national security and the essential functioning of industrialized economies, are dependent on a spectrum of highly interdependent national and international software-based control systems for their smooth, reliable, and continuous operation.
This information infrastructure underpins many elements of the critical Infrastructure (CI), and is hence called critical information infrastructure (CII) or national critical infrastructure (NCI).
The basic sectors of a national critical infrastructure are:
- Military Defense^;
- Public Health^;
- Social security^;
- Information Distribution^;
- Banking and Finance^;
- Research Education^;
- Power, including nuclear^;
- Food Supply^;
- Water Supply^;
- Civil Defense.
While opportunities of information and communication technologies are well-known and exploited, the importance of their interaction inside a critical infrastructure is not yet sufficiently understood. Information systems are exposed to failures, are attractive targets for malicious attacks, and susceptible to cascading effects. These new risks and vulnerabilities have become a crucial security issue throughout the world.
The rapid change in technologies and the Internet globalization have made elements of NCI the object of criminal activity. There are more ętargets" for illegal encroachments^; criminal and terrorist groups have an opportunity to use Internet in criminal intentions. Sectors of national critical infrastructure have a vital role in defense, economic and social development. In most cases attacks on NCI are directed to damage of these elements that would impact national safety and economy. Therefore national critical infrastructure protection is basic aspect of public safety and economic stability.
The greatest danger is represented with such criminal phenomena as the organized crime and terrorism. In this context the question is about cyberterrorism and computer crimes.
The idea of Cybercrime includes the fallowing illegal actions:
- Remote theft of data and unauthorized system control^;
- Economic Espionage^;
- Internet Fraud^;
- Credit Cards Swindle^;
- Computer Crimes^;
- Intellectual property^;
- Money Laundering^;
- Child Pornography.
Consequences of criminal encroachments on crucial sectors of national infrastructure would have dire and widespread social damage. Loss would impact national security as well.
On the scales the loss and criminal acts can be divided into three groups:
Law Enforcements began to research the Problem of National critical infrastructure protection (NCIP) since the end of 90th. Nowadays, governments of developed countries put the problem of NCIP in the same line with organized crime and terrorism fighting. Government financing is one of the main aspects in success crime fighting. For example, in the 2002/2003 budget, Australia government allocated AUS$ 24,9 million over four years to continue its efforts to protect the national information infrastructure, which is largely in private hands. Besides, government forms a partnership with industry to minimize potential harm to these crucial systems.
Experts in the field of national security of the different countries on a regular basis carry out detailed studying the strengths and vulnerabilities of key NCI sectors. The main conclusions which are already made by results of the lead researches, testify that:
1. Potential vulnerability of society to significant NCI disruptions is increasing.
2. There is a lack of formal structure for the coordination and implementation of a national policy for protecting and assuring the continued operation of critical elements of the NCI in peacetime and during the hostilities.
3. More can be done writhing affordable limits to minimize existing threats.
Now the NCI's sectors are in the private sector. Therefore, the most important is the establishment of formal structure involving the government and private sector to coordinate and implement national policy for the protection of the NCI. Cooperative arrangement between the public and private sectors is integral of national security. It should mean:
- Education and threat awareness^;
- Focus on security by Hardware and Software manufacturing^;
- Duly and fast response to the incidents connected to systems' work damage^;
- System of channels of formal and informal information interchanges on computer crimes and cyberterrorism.
National policy should have the authority to protect its own interests, including national security interests. It may provide advice to the state, territory, and local governments, and to the private sector on measures to prevent or respond to attacks that have the potential to impact on the economic and social well-being.
Creation of public organizations, including researches of NCI protection would give essential support to law enforcement bodies in struggle against criminal encroachments on NCI.
It is necessary to take into account, that the safety of NCI crucial elements is, first of all, a task of law enforcement bodies and corresponding special services which now possess essential operative and technical opportunities from the legal point of view.
Analyzing experience of the advanced countries in fighting computer crime and cyberterrorism, and National Infrastructure protection, it is necessary to note expediency of creation the Cybercrime Response Teams in structure of special services in a number of countries where such are not created yet (for example, the states of former Soviet Union). Practice testifies that for their successful functioning, the regular structure would include:
- Team Manager^;
- Legal Adviser^;
- Technical Expert^;
- Media Relations Specialist^;
- System Administrator.
In order to prevent the excessive control and except multilevel structure of the response teams, they should be subdivided on:
- Regional Computer Crime and Infrastructure Protection Squad^;
- National Infrastructure Protection Center.
Moreover, it is necessary to request the assistance of overseas law enforcement agencies and computer crime response teams as cooperation between Law Enforcement Bodies. It will allow avoiding long procedure of formal registration of official interpellation to the foreign state.
Activity of similar special divisions, already created in USA, points to the fact that, toughening of the responsibility for computer crimes and cyberterrorism results reduction of illegal intrusions into control systems of NCI elements or infringement of their normal functioning. So, the actions connected to illegal intrusions in work of computer systems, are punished by 5 years of imprisonment (or the fine of $250 000)^; repeated actions or committed by the organized group on preliminary arrangement are punished by imprisonment till 10 years (or the fine of $500 000) and it is so, if similar actions did not threat national defense.
The system of national critical infrastructure security means processes of its protection and investigation already committed crimes.
NCI and its crucial sectors protection is divided into three stages:
1. Detecting Criminal Activity.
2. Contact to potential or real computer crime victims with the purpose to collect data on crimes (the ways and methods of crimes' preparation and perpetration, concealment of traces, etc.)
3. Crimes prevention and forensic.
It is also necessary to allocate three levels of computer crimes response:
1. Personal. The work of special response teams and law enforcement bodies are directed on collection and analysis of the information on crimes, criminals and their victims.
2. Equipment. Collection of the same information is realized by constant use of technical, electronic and other shadowing facilities, capable to warn and fix the fact of crime committing.
3. Expertise. Enables getting information on a crime (way of preparation, perpetration, suspected persons) already after the careful analysis of illegal actions consequences.
The nature of risk and vulnerabilities in modern societies before the cybercrimes and cyberterrorism is becoming more and more transnational. It is necessary to reach the close cooperation of corresponding divisions of special services of many states for duly and effective response to similar crimes. It will allow to counteract the organized criminal and terrorist groups and to provide more reliable protection of national critical infrastructure sectors that is a necessary condition of economic stability and social well-being.
^macro[showdigestcomments;^uri;Homeland Security: National Critical Infrastructure Protection ]