White Paper Critical National Infrastructure: The Threat … · ˜˜˜˚˛˝˙ˆˇ˘ ˚ In this white paper Critical infrastructure is integral to the functioning and prosperity of

www.thalesgroup.com/uk

In this white paperCritical infrastructure is integral to the functioning and prosperity of nations. This white paper from Thales UK explains why the very real and fast evolving threats against critical national infrastructure, including Cyber, Personnel, Physical, and Environmental, mean policy makers and CNI operators must consider security threats from the outset and revise their defences to meet new threats.

White Paper

Critical National Infrastructure: The Threat LandscapeAugust 2013

Critical National Infrastructure: The Threat Landscape - August 2013 2


IntroductionWe live in a fast changing world. Unfortunately, this includes the threats against people, places, and information.

This white paper from Thales UK is part of a series focusing on the security of Critical National Infrastructure. This paper specifically addresses the threat landscape with respect to critical infrastructure, which has been broadly categorised into Cyber, Personnel, Physical, and Environmental threats.

It is often the case with critical infrastructure that security controls are either not considered or discounted on the basis of cost. CEOs and others controlling finances understandably prioritise the Return of Investment (ROI) from expenditure. This is particularly the case for something that seems theoretical or even improbably such as security threats. Typically, they would rather direct cash elsewhere, or declare a larger profit to shareholders.

This paper sets out to show through documented examples that the threat to critical infrastructure is real, and that from the outset security should be considered in the design of infrastructure facilities.

For the purpose of bounding the scope of this document, critical infrastructure is defined as a fixed facility of importance, such as:

Chemical, oil, gas, chemical, or nuclear facilities.

Connecting infrastructure, such as pipelines and communication networks.

Large infrastructure, such as smart building/smart cities, transport termini, oil/liquefied petroleum gas tankers, or maritime ports.

Today the threat is no longer stationary. Whereas previously persons with malicious intent may have tried to gain physical access to a facility, they may now, for example, consider exploiting cyberspace vulnerabilities to carry out espionage or sabotage. Security architecture must evolve with the threat.

Security threats should be considered through the whole project lifecycle and defences revised to meet new threats. Policymakers and critical infrastructure operators must be mindful of this.

“Security threats should be considered through the whole project lifecycle and defences revised to meet new threats.”



Threats to Critical National InfrastructureCritical infrastructure may experience incidents that are intentional, accidental/ inadvertent, or natural. This paper categorises these as follows:

Cyber

Deliberate or malicious attacks on computers or network infrastructure.

Inadvertent effect on computers or network infrastructure due to personnel actions or equipment failure.

Personnel

Deliberate attempts by persons outside the facility attempting to gain access, or persons within the facility undertaking unauthorised activities.

Persons within the facility undertaking authorised activities which have unintended consequences.

Physical

Deliberate or malicious attacks on the Critical National Infrastructure (CNI) facility.

Inadvertent effect on CNI facility due to personnel actions or equipment failure.

Environmental

Physical effects on the CNI facility due to natural events such as fire, flood/tsunami, earthquake, and extremes of temperature.

The following sections provide a dialog of historical events associated with these categories.



CyberCyber attacks against a CNI facility may be deliberate or inadvertent, for example a deliberate attack would be a DDOS (Distributed Denial of Service) attack on the internet gateway of the facility, whereas an inadvertent attack would be perhaps someone bringing a laptop into the CNI facility with the aim of reprogramming ICS (Industrial Control System) equipment but malware was present on the laptop which spread to the industrial network.

It is vital to understand that the spectre of attacks or inadvertent consequences of human action are real. They have been happening for some time, and are likely to become worse over time as external parties determine it is normal practice to carry out a cyber attack.

The use of APT (Advanced Persistent Threat) cyber attacks has been taking place for a number of years now, after first being observed in 2003 with attacks on the defence sector. Between 2008 and 2011, there was a sustained APT campaign against the oil and gas sector dubbed “Night Dragon”, which was a large cyber espionage campaign with the intent of stealing operational details, exploration research, and financial data.1

Other attacks have affected the nuclear industry. In August 2011, the Diablo Canyon nuclear plant, north of Santa Barbara, experienced a network break-in, in which the attackers were seeking to identify the operations, organizations, and security of U.S. nuclear power generation facilities.2 The implications of gaining details of nuclear CNI information are extremely serious. If details of the plant’s security, physical layout, and location of critical systems/processes, and nuclear material were known, and fell into the hands of terrorist or other belligerent agents, an attack could be mounted with serious consequences.

CNI represents not just the installations, but the connecting infrastructure and remote facilities such as pipelines and remote instrumentation and actuators. This infrastructure, due to the remoteness of the equipment, is often connected to the internet – typically in an insecure manner. SHODAN is a specialised search engine which is able to gather header information and thereby identify connecting devices.3 SHODAN can, therefore, be used to find specific builds of security cameras or SCADA (Supervisory Control and Data Acquisition) systems – builds that contain known vulnerabilities and can be exploited.

The robustness of SCADA equipment is simply not good enough to be directly connected to the internet.4 This is owing to the widespread use of insecure technologies, such as ActiveX, and applications vulnerable to the simplest of attacks, and a lack of secure coding practices such as SDL (Microsoft Security Development Lifecycle). It does not help when manufacturers still get caught using hardcoded default login credentials.5 If they are hardcoded they cannot be changed from the default setting, and with SHODAN such devices are easily discoverable.

1. www.mcafee.com – 10 Nov 11 – Global Energy Cyberattacks: “night Dragon”

2. www.bloomberg.com – 27 Jul 12 – Hackers Linked to China’s Army Seen From EU to D.C.

3. www.threatpost.com – 09 Jan 13 – SHODAN search engine project enumerates internet facing critical infrastructure devices.

4. www.threatpost.com – 03 Feb 12 – State of SCADA security “laughable” researchers say

5. www.scmagazine.com – 23 Mar 13 – Critical Vulnerability discovered in industrial control product

“It is vital to understand that the spectre of attacks or inadvertent consequences of human action are real.”



One of the greatest areas of concern is the lack of thought with respect to cyber security risks on real-time systems. Corporate networks typically include a plethora of security controls, such as antivirus and intrusion detection systems. There have been documented cases where corporate and real-time networks historically under different management regimes have been connected, and subsequently the corporate controls discovered that the real-time network had already been compromised by malware.6

Connecting corporate and real-time networks should never be undertaken, without very tight controls, such as data diode technology. It is, therefore, essential that real-time networks have a full risk assessment including security control identification to ensure threats cannot access the real-time network or gain a foothold without detection.

With infrastructure being spread across disparate locations, technology such as wireless may be used, as it saves on cost and effort running dedicated hardwired communication networks. If undertaken without adequate security controls such as authentication, encryption, and mutual authentication using digital certificates, these networks will be vulnerable. This was all to evident to researchers in the oil and gas industry who discovered a plant could be shut down from up to 40 miles away using direct wireless access.7

Fortunately, it is not all bad news. The very equipment placed in to an ICS/SCADA network to monitor network activity and establish a normal signature for network traffic can not only assist in trapping cyber incidents but also flag equipment that may have malfunctioned due to conventional failure.8

When considering cyber threats to CNI facilities, the risk boundary does not necessarily end at the perimeter fence or outside the building. This was the experience of ASIO, the Australian equivalent of United Kingdom’s MI5, where the building was under construction and the plans were stolen by cyber intrusion from the supply chain.9 Indeed, the complexities of smart buildings which contain sophisticated technology for supporting not only the commercial networks in the building but also ICS-SCADA connect to a multitude of systems. On their first day in operation these systems may be modern but 20 years later they are certainly not modern, and vulnerable to attack.10

The consequences of a cyber attack on the CNI can be very severe. If we take the example of electricity supply and distribution infrastructure, a cyber attack is perhaps the most serious event that can occur – nearly everything stops. Fuel cannot be pumped so transport comes to a halt, hospitals’ ability to distribute emergency treatment or life support is drastically reduced, and food and water cannot be distributed to the population. If not rectified in a short time, civil disturbances or unrest could occur. There is also a high likelihood that electrical transformers could be damaged in the attack, and the lead time for new equipment would be months or years, even in normal circumstances, let alone one where the country has no or limited electricity supply.

“The consequences of a cyber attack on the CNI can be very severe. If we take the example of electricity supply and distribution infrastructure, a cyber attack is perhaps the most serious event that can occur.”

6. www.threatpost.com – 01 Jul 13 – Hackers, Aggressively scanning ICS, SCADA default credentials, vulnerabilities.

7. www.computerworld.com – 25 Jul 13 – Oil, gas field sensors vulnerable to attack via radio waves.

8. www.darkreading.com – 08 Jul 13 – Experiment Simulated Attacks On Natural Gas Plant.

9. www.news.com.au – 27 May 13 – Hacking : Chinese spies steal ASIO blueprints.

10. www.theiet.org – 17 Jul 13 – Smart-building controls “vulnerable” over lifecycle



It is with this backdrop of the potential consequences that the 2009 intrusion into the United States of America’s electricity grid should be considered. Here cyber intruders left behind hacking tools, which could have been left for a return visit at a future date to disrupt the environment.11 In this instance, the aim was probably to understand the infrastructure. However, what if system settings were changed? The majority of remote ICS/SCADA systems will not be instrumented with advanced IDS systems. Therefore, if an unauthorised person has accessed the system this will be unknown.

With this in mind, consider the 2013 research where a virtualised set of ‘honeypots’ simulating ICS/SCADA systems were created, and distributed over multiple countries, simulating control of a water pump.12 74 intrusions were observed, but instead of hackers just being observers, one attacker tried to change the water temperature to 130 degrees Fahrenheit and in two other cases hackers issued commands to shutdown the pump.

It is this wish to change settings or close down systems that should be of concern. Perhaps the most significant event with respect to cyber intrusions in recent years was a deliberate intrusion into the Iranian nuclear enrichment facilities at Natanz in 2010, using malware that was named Stuxnet. ICS used for controlling the speed of the centrifuges were affected causing the destruction of an estimated 1,000 centrifuges.13

In 2012, a separate incident was experienced by Saudi Aramco where the Shamoon self-propagating virus was used in an act of cyber sabotage. 30,000 workstations were infected, each with the Master Boot Record (MBR) overwritten, leaving the workstation monitor displaying a burning American flag.14 Because the MBR of all workstations were overwritten they were inoperable, leaving a very significant problem for Saudi Aramco to deal with. Reports shortly afterwards indicated that RasGas in Qatar had also been targeted.

These showpiece attacks are recognised as being politically driven either by nation states or affiliated groups. However, the emergence of pervasiveness of malicious intent is real, and given the poor state of ICS/SCADA security it should be a source of concern for all.15

11. www.wsj.com – 08 Apr 09 – Electricity Grid in U.S. Penetrated by Spies

12. www.infoworld.com – 01 Aug 13 – Industrial control systems targeted by malicious attackers, research shows

13. www.ieee.org – 26 Feb 13 – The Real Story of Stuxnet

14. www.reuters.com – 11 Oct 12 – “Shamoon” virus most destructive yet for private sector, Panetta says.

15. www.foreignpolicy.com – 23 Jul 13 – Cyber-Sabotage is easy – By Thomas Rid

“The emergence of pervasiveness of malicious intent is real, and given the poor state of ICS/SCADA security it should be a source of concern for all.”



PersonnelFortunately not all cyber attacks are malicious but human action. This particularly relates to acting outside of established Security Operating Procedures (SyOps),which can cause security incidents, sometimes affecting operational equipment.

Employees bringing personal equipment to work have caused malware infections in the offshore industry, and no doubt the much hyped BYOD (Bring Your own Device) trend will make employees think that it is fine to plug their latest smartphone into their work laptop for charging, without considering that they have potentially allowed malware to transfer from the phone to the network, or even allow an external third party to breach the corporate network via the phone, and potentially exfiltrate information.16

The human element is most problematic for CNI. In the military and espionage arena, high profile events involving Bradley Manning, Wikileaks, and Edward Snowden have emphasised the need for rigorous employee vetting and aftercare, along with technical controls to restrict access to information where there is a need to know, and 2 man rules for system administration duties.17 The cases of Manning and Snowden are highly applicable to all CNI sectors. The importance of combining personnel and technology policy for Information Assurance ends is an importance lesson. Typically, CNI operators not handling classified data do not do put in place or enforce these policies rigorously enough.

With modern sophisticated equipment, a malicious insider is represents the most dangerous personnel threat. The Algerian gas refinery terrorist attack in 2013 was only possible because the attackers had extensive knowledge of the plant operations and layout.18 The attack was a conventional insider job; however, equipment can now be installed within a CNI facility that can provide a sophisticated tool for reconnaissance by attackers. Take the example of the “Pwnie Express”, a box that can be plugged-in onsite by a covert intruder, either into network equipment, or just to listen in to WiFi, enabling remote hackers connected to the box via cellular or WiFi networks to access the internal network. They can then gather information and hack IT systems, perhaps disabling security systems, facilitating large scale physical intrusion.19

If combined with other equipment and techniques, the technologically enabled insider can have a considerable impact. For example, many large CNI facilities will rely on GPS (Geographic Positioning System) asset tracking to locate security guard movements and mobile vehicles. The interception of these GPS tracked persons could give the attackers the inside edge in a physical attack, with respect to security force strength and location, and even allows jamming of the GPS signal.20

“Employees bringing personal equipment to work have caused malware infections in the offshore industry.”

16. www.slashgear.com – 24 Feb 13 – Offshore rigs suffer from malware attacks

17. www.wired.com – 09 Jun 13 – NSA Whistleblower: The Ultimate Insider Attack

18. www.nationalgeographic.co.uk – 18 Jan 13 – Attack on Algeria Gas Plant Signals New Risks for Energy Development

19. www.arstechnica.com – 30 Jul 13 – Pwned again: An exclusive look at Pwnie Express’ newest hack-in-a-box

20. www.economist.com – 28 Jul 13 – Out of Sight



However, some mobile assets that are tracked and use GPS for navigation control may be very large, such as oil or LPG (Liquid Petroleum Gas) tankers. Research has shown that it is feasible to drown out the true GPS signal with false ones and steer vessels away from their desired course.21 Although in this case the research only steered a super-yacht, the same principle applies for causing a LPG tanker to collide with other vessels, ground itself on rocks, or crash into a harbour/port. The results could be catastrophic.

It is, therefore, essential that, for all CNI sectors that have extensive human involvement, actions are controlled and auditable. Nobody wants another Chernobyl Disaster, which was caused by persons undertaking activities without full authorisation, or – just as or if not more likely in today’s environment – having an external cyber attack facilitated by an insider.

PhysicalUnfortunately, the extent of large scale insurgent attacks is all too familiar in conflict zones such as Afghanistan and Iraq. However, attacks do occur elsewhere, particularly on CNI facilities or public spaces. Physical security measures, coupled with technology such as CCTV, should be in place to either deter events, or at least allow tracking of activities to focus security and emergency response with ongoing events and their aftermath.

The largest terrorist event in modern history were the attacks of September 11th 2001, which mostly physically affected New York. In response to this event, the New York Domain Awareness system has been installed, to help prevent potential future events, with extensive CCTV monitoring of streets and licence plates, together with associated nuclear material monitoring in case of potential dirty bombs.22 Though, as proven in the 2013 Boston Marathon attack, fixed CCTV in city security does not always yield clear results. In Boston it the general public’s smartphones and digital cameras that produced the best images, and proved crucial in the identification of the persons concerned, where even advanced facial recognition software linked to government databases failed to yield identification of the persons concerned.23

The lessons for CNI are clear. Although CCTV may be deployed, the placement and resolution for evidential quality may not always be adequate. The 2013 incident at a Tennessee Nuclear Power Plant, where a gunman entered the facility, exchanged shots with security guards before escaping, highlighted such physical security vulnerabilities.24 Subsequent investigations failed to determine where the gunman had entered or escaped. Technology should have been in place to ensure these failings did not occur.

21. www.telegraph.co.uk – 31 Jul 13 – Researchers commandeer £50m super-yacht with GPS-spoofing

22. www.networkworld.com – 21 Feb 13 – All-seeing Big Bro Domain Awareness System coming to all 34,000 NYPD cops.

23. www.theverge.com – 24 Apr 13 – They’re watching: why city-wide surveillance failed to stop the Boston Bombing; www.wired.com – 29 May 13 – Boston Bombing Investigation Exposed Successes, Failures of Surveillance Tech

24. www.cnas.org – 26 Apr 13 – Shooting at Tennessee Nuclear Power Plant highlights physical vulnerability of U.S. Electrical System.



This is not just a land based problem. Maritime CNI such as oil tankers, shipping, and oil platforms have faced significant and growing difficulties, particularly in relation to pirates.25 In addition to maritime vessels, oil platforms have been targeted, with a failed attempt in 2013 to attack and take over such a facility in Nigeria, which was repelled by the Nigerian Navy.26

It is not only the facilities such as those in the oil and gas industry that require protection but the pipelines and pumping stations to and from these facilities. Connection infrastructure represent huge targets. Take the following gas pipelines, for example:

China West East Pipeline - (internal China) – 5,410 miles

Gasun Pipeline (Bolivia to Brazil) – 3,100 miles

Trans Saharan (planned Nigeria, Niger to Algeria) – 2,565 miles

It is clear that these distances are huge. The Chinese pipeline is almost the same distance as London to Los Angeles (5446 miles). Often the pipelines pass through regions where militia may try to attack the pipeline, and techniques are required using acoustic detection methods to detect attacks, persons trying to tap-off the pipeline, or leaks. Detection enables the launching of aircraft or drones to investigate further, and take video evidence for response teams.

The threat of attack on pipelines is real – in 2011 a gas pipeline from Egypt supplying both Israel and Jordan was disrupted when attackers planted explosives, and made their getaway on pickup trucks before an adequate response was mounted.27

It is not just the CNI facilities that need protection but the approaches to them. For an attack on a large critical facility it is not unreasonable to assume it would take place at night. Given the lighting on the perimeter fence would only reach out to relatively short distance, the use of thermal cameras or radar could be considered.

This should be an essential requirement for ports. The 2008 terrorist attack in Mumbai was launched from the sea, with a seaborne assault which was not detected, where the terrorists arrived on a Gemini craft laden with explosives, assault rifles, and hand grenades.28

For other critical facilities such as transport facilities, high security with armed guards is now commonplace following the Rome and Vienna airport attacks of 1985, which resulted in 19 civilian deaths and 138 injured. Fortunately there have been no similar incidents since then in air transport, but the rail industry has not been so fortunate. The Madrid Train bombings of 2004 caused 191 deaths with 10 explosions. The London bombings of 2005 killed 52 and injured 700. The extent of rail facilities, with long, often subterranean tracks, represents a significant physical vulnerability.

“The threat of attack on pipelines is real – in 2011 a gas pipeline from Egypt supplying both Israel and Jordan was disrupted when attackers planted explosives”

25. www.theiet.org – Global Challenges in maritime security

26. www.foxnews.com – 22 Sep 13 – Pirates attack offshore oil platform near Nigeria, then kidnap 3 French employees from ship

27. www.thenational.ae – 05 Jul 11 – Bomb Attack on Egyptian pipeline disrupts gas supply to Israel and Jordan

28. www.guardian.com – 27 Nov 08 – Witnesses describe Mumbai attackers’ arrival by sea.



Although the sophistication of cyber attacks is on the rise, the method of choice for terrorists still remains a physical attack, as the Madrid and London attacks demonstrate. These may involve vehicles laden with explosives, as with the failed 2007 attack on Glasgow Airport, perhaps accompanied by armed accomplices.29 This will require consideration to the points of ingress, and strengthening those points with physical barriers, and robust multi-layer entry zones with vehicle inspection facilities.

EnvironmentIt is not only terrorists and cyber adversaries that should be considered when designing and operating a CNI facility. The natural environment is also a changeable and unpredictable constituent of the threat landscape. The main events to be considered are:

Fire

Flood

High wind

Extremes of temperature

Earthquake

Explosion

Perhaps the most notable recent event in the environmental sphere was the tsunami that hit Japan in 2011 following an offshore earthquake. The resulting waves overwhelmed the sea defences at the Fukushima Daiichi nuclear power plant, flooding low lying generators used to supply power for pumps circulating reactor coolant, resulting in explosions and significant radioactive contamination. This was the largest nuclear disaster since the Chernobyl disaster of 1986 and only the second, along with Chernobyl, to measure Level 7 on the International Nuclear Event Scale.

The obvious defence for a tsunami is a sea wall. Fukushima Daiichi had a sea wall extending 7 metres above sea level. Sadly, the waves reached 15 metres, and even if a new sea wall was built 20 metres, there is no guarantee it will be sufficient against such a variable occurrence. A problem, among many that the Japanese Authorities will need to deal with, if nuclear power is ever to restart in earnest in Japan.

29. www.theguardian.com/world/2007/jul/02/terrorism.scotland



Fire remains an ever present problem for industry. However, where a typical fire may result in dousing by sprinklers, having a fire in a CNI facility with explosive materials such as petroleum, LPG and chemicals, or nuclear material that could create a hazardous plume is an altogether a more serious matter. The Buncefield fire in 2005 led to a large fuel-air explosion and fire at the Buncefield oil storage facility in Hertfordshire UK. The initial fire broke out during the filling of a storage tank via a pipeline from the Coyton Refinery. Instrumentation that should have indicated high level limit failed allowing overspill which ignited.30

The resulting inferno was Europe’s largest peacetime fire. Its impact was significant, with travel disruption due to the adjacent M1 motorway being closed, and evacuation of local residents. Because 30% of fuel for London Heathrow airport came from Buncefield, the disruption had a far reaching knock on effect. Fire is a natural disaster, though in this case the initial cause was in the failure of instrumentation and associated interlocks resulting in the overspill. It shows that the failure of only one link in the chain of control can cause a catastrophic event. If the cyber discussions above are considered, it could in another place and time be a cyber intrusion that could change the logic and cause the event.

Water is to be kept away from electrical equipment, as we all know, but sometimes that is not possible when floods occur. A widely viewed video on the internet is that of the Vodafone data centre that was flooded in Istanbul in 2009.31 Although it may have seemed inconceivable, given enough rain, data centres in the wrong place and height above water level will succumb, and it is therefore essential for companies to have failover facilities and business continuity plans to ensure service is resumed with the shortest of delays.

Both water ingress and extremes of temperature can cause problems for electronic equipment such as network switches, or any equipment that in not industrially rated. For example, a typical standard network switch has a temperature range of 23 to 104 degrees Fahrenheit (-5 to 45 degrees Celsius), whereas a comparable industrial variant will withstand -40 to 167 degrees Fahrenheit (-40 to 75 degrees Celsius). The implication is that if perhaps designing a perimeter digital CCTV system for a CNI facility, there is no point using commercial switchgear exposed to extremes of external temperature resulting perhaps in the complete failure of the security system.



ConclusionThe threats facing Critical National Infrastructure are real. They are happening now but, not only this, they are constantly changing and, in the case of cyber, becoming ever more sophisticated and pervasive.

Many of the most serious incidents cited in this paper had some form of political motivation behind the attacks. The lawlessness of certain regions and threat spheres, particularly cyber, is making possible such attacks at the critical infrastructure and businesses of a nation-state.

Whereas previously a physical assault would be required directly against the facility with little chance of doing major damage to the company in its entirety, today attacks may consider cyber sabotage to ensure the parent company cannot operate – and if real-time systems lack segregation and are linked to the corporate network, the cyber intrusion can spread far and have significant consequences.

Be it attempts to blow up pipelines or cyber sabotage tens of thousands of IT workstations, effectively destroying the ability of a company to exist, the threats are without doubt becoming more severe over time. Technological developments and their democratisation and proliferation, against the multi-polar geopolitical world we inhabit, are seeing to this.

Threats should be considered through the whole project lifecycle and defences revised to meet new threats. Today’s security architecture must evolve to stay ahead of tomorrow’s threat.

“Threats should be considered through the whole project lifecycle and defences revised to meet new threats. Today’s security architecture must evolve to stay ahead of tomorrow’s threat.”



© 2013 THALES UK LTD. This document and any data included are the property of Thales UK Ltd. No part of this document may be copied, reproduced, transmitted or utilised in any form or by any means without the prior written permission of Thales UK Limited having first been obtained. Thales has a policy of continuous development and improvement. Consequentially the equipment may vary from the description and specification in this document. This document may not be considered as a contract specification. Graphics do not indicate use or endorsement of the featured equipment or services.

About ThalesWhenever critical decisions need to be made, Thales has a role to play.

World-class technologies and the combined expertise of 65,000 employees in 56 locally based country operations make Thales a key player in assuring the security of citizens, infrastructure and nations in all the markets we serve – aerospace, space, ground transportation, security and defence.

For more than 40 years, Thales has delivered state of the art physical and cyber security solutions to commercial, critical national infrastructure, government and military customers.

Thales will help you refocus your security spend to defend your organisation and prevent significant loss of revenue and reputation. Thales will ensure your competitive advantage is maintained by being able to demonstrate resilient and secure use of physical and cyber security.

Why Thales?As a world leader in providing modular, integrated physical and cyber security solutions, Thales is able to:

Design and implement upgrades to the existing security of your organisation with minimal impact to your business operations. Thales is trusted to secure critical energy facilities, transport networks and defence assets in the UK and around the world.

Pull through capabilities from the global Thales Group and our industry partners to deliver secure solutions that deliver tangible business benefits. For example, Thales implemented a fully integrated security management system in Mexico City as part of the ‘Secure City’ project.

Use our world leading encryption product suite to protect your data. Our encryption hardware help secure an estimated 80% of the world’s payment transactions, including 3.7 billion BACS transactions every year.

Contact UsThales UK Ltd, Mountbatten House, Basing View, Basingstoke RG21 4HJ, UKTel: +44 (0) 1256 376633 Email: [email protected] Website: www.thalesgroup.com/uk

Documents

White Paper Critical National Infrastructure: The Threat … · ˜˜˜˚˛˝˙ˆˇ˘ ˚ In this white paper Critical infrastructure is integral to the functioning and prosperity of