Chapter 3 - Crime Areas

3.8 Vulnerabilities of critical infrastructure - Future threats and developments

Given the increasing trend of interconnecting, integrating and remote-controlling critical infrastructures, we expect cyber-attacks on these systems to remain a serious challenge for operators. The dual-use aspect and availability of cybercrime facilitators, including zero-day exploits for ICS/SCADA systems [142], [143], combined with the relative ease of locating critical infrastructure devices [144], will continue to attract actors with different motives.

With the Internet of Everything expanding and becoming more widely adopted, new forms of critical infrastructure will appear and dependencies on existing ones will become more critical. As public and private sector organisations are outsourcing data, applications, platforms and entire infrastructures to large cloud service providers, cloud computing itself will become a critical infrastructure [145].

Also, some countries have started to open the energy market to smaller private contributors, which allows mini power plants such as water, wind or photovoltaic sites to feed energy back into the power grid. This may lead to more vulnerabilities, as these smaller operators often do not have the resources to implement adequate security measures.

All this provides for new attack vectors and an increased attack surface and, consequently, we are likely to see more targeted attacks on these emerging infrastructures as well. As mentioned before, this will be exacerbated by smart devices that are no longer supported or are not being updated, or that are so small that they do not have security built into them or were simply not designed with security in mind.

We can expect to see an increase in DDoS attacks with the aim of disrupting critical infrastructure and/or for extortion purposes. Moreover, cybercriminals will continue to use malware and ransomware to target mainly the user-facing devices of critical infrastructure.