Contruction Today - July/August 2017 - 12
facilities and other
infrastructure are vulnerable to
potential cyber attacks.
Cyberthreats are shaking up infrastructure. BY ERIC CHUANG AND IAN SHAPIRO
ncreasing infrastructure spending
to the tune of $1 trillion was a core
pillar of Donald Trump's campaign for
office, and a welcome refrain for the
construction industry. Whether the new
administration will deliver on this promise
remains to be seen.
Despite some cuts to the Department of
Transportation in the administration's first
budget blueprint for fiscal year 2018, the
White House reaffirmed a commitment to
support the nation's critical infrastructure
in subsequent proposals.
With infrastructure investment still
occupying some of the political discourse in
the early months of the Trump presidency,
one vital consideration remains largely
CONSTRUCTION-TODAY.COM JULY/AUGUST 2017
absent from the conversation: cybersecurity
vulnerabilities in critical infrastructure.
What are the cyber risks?
Cyber security risks associated with infrastructure projects have recently received
attention at the federal level.
This March, the Department of Homeland Security (DHS) issued a cyber security
alert for critical infrastructure owners and
operators outlining top cyber threats. DHS
asserted "any sector that uses industrial
control systems (ICS)" - ranging from energy to manufacturing to technology - could
be susceptible to cyber attacks.
ICS automates industrial distribution
and processes, and comprises hardware and
software components integrated via the
Internet of Things (IoT).
Critical infrastructure encompasses 16
sectors - several of which are within the
scope of the construction industry, including transportation systems, government
and commercial facilities, energy and defense industrial bases (DIB). A cyber attack
on firms involved in the construction of
critical infrastructure, sensitive government
facilities, or even facilities for emergency
management, public health or medical
providers, could jeopardize those services.
Hackers could glean potentially vulnerable
information housed in construction firms'
databases, including proprietary employee
data, sensitive client data, tenant personally