Cyber Security And The Responsibility Of States To Protect Critical Infrastructure

Pramita Sil, IILM University, Gurgaon

INTRODUCTION

Critical Infrastructure is a collection of systems, facilities, assets, which is considered essential by the government for everyday life, constituting a network, physical or virtual, vital for the functioning of a society and a stable economy. With the growth of technologies and rapid digitalization, the threat of cyber-crime has increased and the ever-evolving nature of crimes made it more difficult. Most economic, cultural, social, and commercial contacts between nations, people, and institutions are now conducted online. Therefore, if any of these faces a threat then the whole system will be affected. The attacks against individuals or organization are carried out by nation-state cyberattacks to cause disruption. For instance, the nation-state attacks done by Russia against Ukraine were delegated to cause interference and negatively impacted the Ukrainian war. This shows the vulnerabilities on the system. In order to obtain information and access to industrial control systems in the energy, nuclear, water, aviation, and vital manufacturing sectors, nation-states are focusing on critical infrastructure. Furthermore, coordinated nationwide attacks against government and private sector entities, internet service providers and critical infrastructure providers facilitate espionage, steal intellectual property, preserve continuous network access and possibly create the groundwork for further offensive actions. The most common attacks used are ransomware and phishing. To keep a track on this the states have certain duties and at the same time the public-private cooperation is also necessary. An estimate by cybersecurity company KnowBe4 indicates that from January 2023 to January 2024, worldwide critical infrastructure saw over 420 million assaults, averaging over 13 attacks per second1.