Why critical infrastructure is vulnerable to cyberattacks

Robert Lee, founder and CEO of Dragos, discusses the dangers cyberattacks pose to critical industrial infrastructures.

Why critical infrastructure is vulnerable to cyberattacks

Dan Patterson, CNET and CBS News Senior Producer, spoke with Robert Lee, founder and CEO of the cybersecurity company Dragos, about cyberthreats to industrial infrastructures. The following is an edited transcript of the interview. 

Dan Patterson: What do we mean when we talk about this abstract idea of infrastructure and connected infrastructure?

Robert Lee: Usually, when I talk about infrastructure, I speak more to industrial infrastructure. I think when we think of critical infrastructure, people have classified everything from election systems to banks, and those are, obviously, very important. When we talk about infrastructure, it's more of power sites, oil refineries, advanced manufacturing, making the goods that our folks use. That type of industrial infrastructure ends up being extremely critical, and also the ones that are more vulnerable to the cyberattacks that we're talking about.

SEE: Mastermind con man behind Catch Me If You Can talks cybersecurity (TechRepublic download)

Dan Patterson: All right, so vulnerable to cyberattacks means a few things. And some threat actors, like Russia, have actually penetrated United States electrical systems. One thing that I hear over and over and over though is, "So what? The Russians are in our systems. Dams and electrical grids can be hacked. It hasn't changed my life, so what?"

Robert Lee:
Yeah, look, it's a fair proposition. The discussion of cyber and even hyped up terms like cyber 9/11 had been around for quite some time. But, the reality is, our adversaries have always been doing kind of early reconnaissance type work, we call it. They're kind of poking at things, but they hadn't developed the knowledge to really scare us.

Now, we're seeing that evolution of knowledge where we're seeing attacks that have actually caused power outages in Ukraine. We've seen attacks that have gone directly after human life in Saudi Arabia. So, when we're starting to see these same type adversaries targeting our infrastructure, obviously, it gives us a little bit more concern about what their capabilities are today.

Dan Patterson: Who are these threat actors, and what are they doing? They're lying in wait, in hiding? Are they doing reconnaissance of information?

Robert Lee: Yeah, I think it's fair to say that, right now, if you're talking industrial infrastructure attacks on the merits and on the order that we actually care, it's almost exclusively state actors. But we shouldn't assume that state actors don't have their own economies and own companies they work with and private sector entities. We see kind of a blend of private and government actors. But, in that, it's not only stealing information and intellectual property, in industrial infrastructure everything from the way you make steel to how you do a connected plant is good intellectual property, but also a lot of information being stolen around how you would actually orchestrate a larger attack.

It may seem simple on the surface to break into electric power and turn the lights off, but it's an extremely complex thing where you have to think about physics, as well as the operation of the systems. So we kind of find ourselves in this juxtaposition where our infrastructure is not only vulnerable, and we do have a lot of threats, but we also have pretty good infrastructure, and it lends itself to defense very well.

Watch more interviews with Dan Patterson and Robert Lee 

Also see

20200224-lee-part1-dan.jpg

Robert Lee, founder and CEO of Dragos, Inc.

Image: TechRepublic