Modern society depends on critical infrastructure facilities, such as transportation networks, telecommunications lines, water mains, and power lines, which are central not only to daily life, but also to national security. Each of these sectors increasingly uses integrated computer networks to link widely dispersed facilities and corporate offices, control equipment remotely, and meet customer demand for affordable service. For various reasons, many of these systems are vulnerable to compromise, but cybersecurity in these industries is largely a voluntary exercise. Certain sectors have expanded the number of attack vectors by introducing more Internet-connected devices and automating further functions. As a result, large swaths of the nation’s electric grid, water supplies, and logistics nodes remain subject to possible disruption by foreign adversaries. In addition, relatively unsophisticated criminals can take advantage of widely available software tools that can help launch advanced cyber attacks of a kind that once originated exclusively from nation states.
