skip navigation


Register for Latest Research

Stay Informed
Register with NCJRS to receive NCJRS's biweekly e-newsletter JUSTINFO and additional periodic emails from NCJRS and the NCJRS federal sponsors that highlight the latest research published or sponsored by the Office of Justice Programs.

NCJRS Abstract

The document referenced below is part of the NCJRS Virtual Library collection. To conduct further searches of the collection, visit the Virtual Library. See the Obtain Documents page for direction on how to access resources online, via mail, through interlibrary loans, or in a local library.


NCJ Number: 204893 Find in a Library
Title: Critical Infrastructure Protection: Challenges and Efforts to Secure Control Systems
Corporate Author: US Government Accountability Office
United States of America
Date Published: March 2004
Page Count: 47
Sponsoring Agency: NCJRS Photocopy Services
Rockville, MD 20849-6000
US Government Accountability Office
Washington, DC 20013
US Government Accountability Office
Washington, DC 20548
Publication Number: GAO-04-354
Sale Source: US Government Accountability Office
P.O. Box 37050
Washington, DC 20013
United States of America

NCJRS Photocopy Services
Box 6000
Rockville, MD 20849-6000
United States of America
Document: PDF
Type: Research Paper
Format: Document (Online)
Language: English
Country: United States of America
Annotation: This General Accounting Office (GAO) study assessed the potential risk of cyber attack against our Nation’s critical infrastructure control systems and identified challenges to securing control systems from cyber attack.
Abstract: Control systems for many of our Nation’s critical infrastructures have been computerized. As such, much critical infrastructure, such as natural gas distribution and drinking water systems, is considered vulnerable to cyber attacks. Moreover, the increasing use of standardized technologies and the increasing connectivity of computerized systems makes the threat of cyber attack very real. This study had four main objectives: (1) to assess the cybersecurity risks associated with critical control systems; (2) to assess potential and reported cyber attacks against these systems; (3) to assess the key challenges to securing control systems; and (4) to assess efforts to strengthen the cybersecurity of critical control systems. Research methodology included an analysis of previous research and GAO reports, document analysis, and interviews with manufacturers, users, and Federal officials with expertise in control systems and their security. Results revealed that several factors have contributed to the vulnerability to cyber attacks: (1) adoption of standardized technologies with known vulnerabilities; (2) increasing computer connectivity; (3) insecure remote connections; and (4) widespread availability of information about control system technology. The main challenges to securing control systems include limitations of current security technologies, the perception that securing control systems will be economically unfeasible, and conflicting priorities within organizations regarding the security of control systems. Greater collaboration among critical infrastructure entities is necessary for the increased security of our Nation’s control systems. The report recommends that the Department of Homeland Security develop and implement a coordinating strategy by December 2004 for private and government agencies to improve control system security. Tables, figures, appendix
Main Term(s): Critical Infrastructure Protection
Index Term(s): Computer privacy and security; Cyber Terrorism; National security; US Government Accountability Office (GAO)
Note: Downloaded March 31, 2004.
To cite this abstract, use the following link:

*A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's website is provided. Tell us how you use the NCJRS Library and Abstracts Database - send us your feedback.