What is Security and Risk Mitigation for Dams and Levees? Understanding the Threat
Video: Threats to the Security of Our Nation’s Dam Sector Infrastructure
I. Natural Threats
In addition to natural hazards that can affect the facility itself, addressed elsewhere on this website, it is also important to be aware of threats affecting facility employees. For example, a pandemic influenza incident has the potential to cause serious disruption to operations in the Dams Sector. It is estimated that, in an influenza pandemic, up to 20 percent of the workforce could become ill, and 40 percent might be absent from work due to illness or fear of infection. Because such absentee rates would cause great difficulty in performing normal functions, continuity plans should account for this possibility by detailing how an organization will provide for staffing needs during a potential outbreak.
II. Manmade Threats
Any individual or group that possesses the capability and intent to do harm can pose a threat. Potential aggressors include:
- Domestic and international adversaries.
- Adversary nations.
- Disaffected individuals or groups.
- Disgruntled employees.
- Organized adversarial groups.
In targeting critical infrastructure, adversaries could employ a wide range of weapons, tools, and tactics. Many adversaries have access to expensive technological equipment. Adversaries use surveillance to identify and plan their attacks. In the past, targeting surveillance has been conducted over an extended period of time in order to identify vulnerabilities and plan the best means to attack the target.
Due to their generally remote location, dams present a more difficult surveillance challenge than facilities in a more urban setting. This gives owners and operators, as well as law enforcement officials, an opportunity to detect such surveillance before facilities could be targeted.
In targeting dams, adversaries may seek to commit:
- Damage or destruction of a facility.
- Theft of equipment or information.
- Disruption of a facility's mission.
Understanding the signature behaviors associated with adversarial operational planning makes it easier to report incidents effectively, which may ultimately lead to the disruption of potential attack planning.
III. Cyber Threats
Cyber systems in the United States are the most aggressively targeted information systems in the world, with attacks increasing in severity, frequency, and sophistication each year.
In the modern automated workplace, disruption of the information technology (IT) system could bring any organization to a standstill or lead to a dangerous lack of control over sensitive records or over physical processes (e.g., operational control over dam releases or power generation).
An aggressor could attempt to disable such systems or even hijack them to intentionally operate the dam improperly, in order to cause damage. Adversaries could infiltrate cyber systems to:
- Cause economic and operational damage.
- Alter, corrupt, or steal information.
- Overload the equipment.
- Mount attacks on other systems.
- Operate or control mechanical equipment in such a way as to cause damage and inflict onsite and offsite casualties.
- Gain information about the facility or personnel, including information on operating schedules, contractors, and security.
- Conduct surveillance via webcam or private branch exchange (PBX) systems.
- Cause additional consequences when used in coordination with a physical attack.
Tools and Resources for Information on Cyber Security
Dams Sector Roadmap to Secure Control Systems
This document describes a plan and strategic vision for voluntarily improving the cyber security posture of control systems within the Dams Sector.
Training via DHS Control Systems Security Program
This United States Computer Emergency Readiness Team (US-CERT) Control Systems Security Program (CSSP) resource provides links to information products, articles, white papers, and other printable materials.
This US-CERT CSSP site provides a current information resource to help industry understand and prepare for ongoing and emerging control systems cyber security issues, vulnerabilities and mitigation strategies.