Cyberattacks Against Infrastructure

Once a cyberattack has been initiated, certain targets need to be attacked to cripple the opponent. Certain infrastructures have been highlighted as critical targets in times of conflict, since attacks on them can severely cripple a nation. Control systems, energy resources, finance, telecommunications, transportation, and water facilities are seen as critical infrastructure targets during conflict. A new report on industrial cybersecurity problems, produced by the British Columbia Institute of Technology and the PA Consulting Group using data from as far back as 1981, reportedly found a 10-fold increase in the number of successful cyberattacks on infrastructure Supervisory Control and Data Acquisition (SCADA) systems since 2000. (Linden, Edward. Focus on Terrorism. New York: Nova Science Publishers, Inc., 2007. Web.)
Cyberattacks that have an adverse physical effect are known as cyber-physical attacks.


Control systems

Control systems are responsible for activating and monitoring industrial or mechanical controls. Many devices are integrated with computer platforms to control valves and gates in certain physical infrastructures. Control systems are usually designed as remote telemetry devices that link to other physical devices through internet access or modems. Little security can be offered when dealing with these devices, enabling many hackers or cyberterrorists to seek out systematic vulnerabilities. Paul Blomgren, manager of sales engineering at a cybersecurity firm, explained how his people drove to a remote substation, saw a wireless network antenna and immediately plugged in their wireless LAN cards. They took out their laptops and connected to the system because it wasn't using passwords. "Within 10 minutes, they had mapped every piece of equipment in the facility," Blomgren said. "Within 15 minutes, they mapped every piece of equipment in the operational control network. Within 20 minutes, they were talking to the business network and had pulled off several business reports. They never even left the vehicle." (Lyons, Marty. United States. Homeland Security. Threat Assessment of Cyber Warfare. Washington, D.C.:, 2005. Web.)


Energy

Energy is seen as the second infrastructure that could be attacked. It is broken down into two categories, electricity and natural gas. Electricity, also known as electric grids, powers cities, regions, and households; it powers machines and other mechanisms used in day-to-day life. Using the US as an example, in a conflict cyberterrorists can access data through the Daily Report of System Status, which shows power flows throughout the system and can pinpoint the busiest sections of the grid. By shutting those grids down, they can cause mass hysteria, backlog, and confusion, and can also locate critical areas of operation to further attacks in a more direct way. Cyberterrorists can access instructions on how to connect to the Bonneville Power Administration, which helps direct them on how to not fault the system in the process. This is a major advantage when cyberattacks are being made, because foreign attackers with no prior knowledge of the system can attack with the highest accuracy without drawbacks. Cyberattacks on natural gas installations go much the same way as attacks on electrical grids. Cyberterrorists can shut down these installations, stopping the flow, or they can even reroute gas flows to another section that can be occupied by one of their allies. In one case in Russia, the gas supplier Gazprom lost control of its central switchboard, which routes gas flow, after an inside operator and a Trojan horse program bypassed security. The 2021 Colonial Pipeline cyberattack caused a sudden shutdown of the pipeline that carried 45% of the gasoline, diesel, and jet fuel consumed on the East Coast of the United States.
Wind farms, both onshore and offshore, are also at risk from cyberattacks. In February 2022, a German wind turbine maker, Enercon, lost remote connection to some 5,800 turbines following a large-scale disruption of satellite links. In April 2022, another company, Deutsche Windtechnik, also lost control of roughly 2,000 turbines because of a cyberattack. While the wind turbines were not damaged during these incidents, these attacks illustrate just how vulnerable their computer systems are.


Finance

Financial infrastructures are increasingly vulnerable to cyberattacks due to their reliance on interconnected computer systems. The financial system's complexity and the constant flow of transactions make it an attractive target for cybercriminals. A significant breach could lead to massive financial losses, erode public trust, and destabilize economies. The landscape of cyber threats has changed exponentially during the last few years, with threat actors becoming more sophisticated. Estimates from 2014 indicate that institutions are subjected to an average of 1,275 cyberattacks per week, a 72% increase since 2019. A cyberattack on a financial institution or its transactions may be referred to as a "cyber heist." These attacks often begin with phishing campaigns that exploit social engineering tactics to deceive employees into divulging sensitive information. Once inside the network, attackers can deploy keyloggers to capture login credentials and gain unauthorized access to banking systems. In May 2013, a gang executed a US$40 million cyber heist from the Bank of Muscat. More recently, in March 2025, the hacker collective "Codebreakers" breached Iranian Bank Sepah, exposing over 42 million customer records, including sensitive financial data.


Transportation

Transportation infrastructure mirrors telecommunication facilities: by impeding transportation for individuals in a city or region, the economy will slightly degrade over time. Successful cyberattacks can impact scheduling and accessibility, creating a disruption in the economic chain. Carrying methods will be impacted, making it hard for cargo to be sent from one place to another. In January 2003, during the "slammer" virus, Continental Airlines was forced to shut down flights due to computer problems. Cyberterrorists can target railroads by disrupting switches, target flight software to impede airplanes, and target road usage to impede more conventional transportation methods. In May 2015, Chris Roberts, a cyber consultant, revealed to the FBI that he had allegedly, from 2011 to 2014, repeatedly managed to hack into Boeing and Airbus flights' controls via the onboard entertainment system, and had at least once ordered a flight to climb. The FBI, after detaining him in April 2015 in Syracuse, had interviewed him about the allegations.


Water

Water as an infrastructure could be one of the most critical infrastructures to be attacked. It is seen as one of the greatest security hazards among all of the computer-controlled systems. There is the potential for massive amounts of water to be unleashed into an area that could be unprotected, causing loss of life and property damage. Even water supplies could be attacked; sewer systems can be compromised too. There was no calculation given for the cost of damages, but the estimated cost to replace critical water systems could be in the hundreds of billions of dollars. Most of these water infrastructures are well developed, making it hard for cyberattacks to cause any significant damage; at most, equipment failure can occur, causing power outlets to be disrupted for a short time. In 2024, multiple US water facilities had their industrial equipment compromised by hackers to display anti-Israel messages. Although no major damage has been inflicted, this has revealed that US water facilities are experiencing a lack of funding and resources to patch security vulnerabilities in their infrastructure.


Waste management

In addition to water facilities, waste management facilities can also be and have been targets of cyberattacks. In 2023, the Radio Waste Management (RWM) company, owned by the United Kingdom government, experienced an unsuccessful cybersecurity breach through the use of LinkedIn. The attack attempted to identify and access the people who are part of the business. In 2023, Sellafield, the UK's largest and most hazardous nuclear waste disposal site, had been targeted by foreign hackers linked to Russia and China. Sleeper malware was discovered inside the site's networks, and it is unknown how long it had been installed or if it had been fully removed. The full extent of the weak security was exposed when staff found they could access Sellafield's servers from outside the site. Reports in 2012 and 2015 stated that the company and senior management had been aware of the security vulnerabilities but failed to report them or spend resources to address them. Sellafield's sensitive documents, such as foreign attack or disaster emergency defense plans and radioactive waste management, may have been compromised.

It is possible for smaller-scale electronics in e-waste to become targets of cyberattacks. PwC estimates that by 2030 the number of Internet of Things (IoT) devices owned around the world will reach over 25 billion, and that 70 million tonnes of e-waste will be generated and disposed of. Although based only on anecdotal evidence, it is estimated that the majority of this e-waste is improperly disposed of, allowing the components of these devices to retain sensitive information and personal data. Cybercriminals may target the e-waste of individuals or organizations to gain access to sensitive data that isn't as securely guarded as on active devices.


Hospitals and medical facilities

Hospitals as an infrastructure are among the major assets to have been impacted by cyberattacks. These attacks could "directly lead to deaths." The cyberattacks are designed to deny hospital workers access to critical care systems. Recently, there has been a major increase in cyberattacks against hospitals amid the COVID-19 pandemic. Hackers lock up a network and demand ransom to return access to these systems. The ICRC and other human rights groups have urged law enforcement to take "immediate and decisive action" to punish such cyber attackers. Hospitals and medical facilities have seen an increase in ransomware attacks in which criminals encode Protected Health Information (PHI) and other private identifiable information. When the ransom is paid, the money is exchanged for a key to decode the information and to return the stolen data.

Access points into hospital infrastructure are often through third-party companies that hospitals may contract jobs through. The HIPAA Omnibus Rule, created in 2013, requires that all businesses contracted to perform work for the hospital where patient information could be involved be held to the same standards of security. An increasingly common access point has been through camera and security systems that are being added to the hospital's network. As more outside companies and devices become connected through the internet, the risk of cyberattacks increases. During the COVID-19 pandemic an increase in attacks was noted. Researchers concluded that this was the result of increased remote work, in which hospital staff had more devices connected to networks, increasing potential areas of vulnerability. One tactic that has been effective in preventing cyberattacks in the healthcare industry is the Zero Trust method. In this model, all users, known and unknown, are viewed as a potential threat, and everyone is required to verify their identity with the appropriate credentials.

With an increased use of Electronic Medical Records (EMR) comes an increased need for security to protect patient information and privacy. When a hospital experiences a data breach in the United States, the facility is required to report the breach to the people impacted under the Health Information Technology for Economic and Clinical Health Act, also called the HITECH Act, as it has the Breach Notification Rule. The rule states that facilities are required to report data breaches if the facility provides patient care under HIPAA guidelines. The Health Insurance Portability and Accountability Act protects patients' right to privacy regarding their Protected Health Information (PHI). Accessing PHI can be very lucrative for cybercriminals, as this information can contain home addresses, social security numbers, banking information, and other personally identifiable information.

