Domestic Infrastructure- Critical Vulnerabilities and Protection discussed at TAG-College

01 Nov 2008 Developed models can also determine and evaluate the best possible defense plans, protecting as much of the infrastructure’s function as possible from any given attack – Dr. Ferrari

Domestic Infrastructure- Critical Vulnerabilities and Protection discussed at TAG-CollegeAMMAN --- November 1, 2008 --- The Talal Abu-Ghazaleh Business Forum (TAG - Forum) at Talal Abu-Ghazaleh College of Business hosted on October 30, 2008, Dr. Leonard Ferrari the Provost of the Naval Postgraduate School (NPS), who delivered a lecture on “Domestic Infrastructure- Critical Vulnerabilities and Protection”.

Dr. Ferrari started his lecture discussing the cyber security at crisis proportions where he explained that “There is a wide scope of computers and networks in the economy, national security and government. But most security is an afterthought.”

“Network attacks can result in denial of service, spoofing, router infrastructure compromise. Cyber Attacks can render information unavailable, modify critical information, and leak sensitive information,” he added.

Dr. Ferrari elaborated that attackers target specific systems and attractive business targets essential for operations.

Moreover, he recommended the establishment of security through:

▫ Eliciting security requirements, building a system to be inherently secure, and validate that requirements are met.

▫ Securing out of the box by configuring security by default, minimizing user privileges, and making available only well-defined interfaces.

▫ Securing in operation by making recommendations for secure use tools to support secure system administration, and giving management a clear view of the system security.

An example of hacking given by Dr. Ferrari was “a group of sophisticated, knowledgeable hackers gaining access to the New York City power grid through commonly used supervisory control and data acquisition (SCADA) systems.”

Elaborating on this, Dr. Ferrari pointed out that there are challenges faced when protecting large-scale electric power grids.

“Supervisory control and data acquisition systems are required for a utility to function in the marketplace, but allow hackers access points into the grid,” he said.

However, Dr. Ferrari suggested some solutions for the issues raised, in addition to discussing how the NPS developed models that can assist in determining the vulnerabilities of the

systems in question. These developed models can also determine and evaluate the best possible defense plans, protecting as much of the infrastructure’s function as possible from any given attack.

Further, Dr. Ferrari also shed light on the challenges and solutions for defending public transportation networks and protecting oil and gas infrastructure.

The one-of-the-kind lecture was attended by a host of academics and students.

END

About NPS

The Naval Postgraduate School is an academic institution whose emphasis is on study and research programs relevant to the US Navy's interests, as well as to the interests of other arms of the Department of Defense. The programs are designed to accommodate the unique requirements of the military.