Any modern country has a wide variety of assets to protect. Some of those assets are more necessary than others for the country’s security, welfare, and economy in general. Such critical assets include power grids, water supplies, public-transit systems, and telecommunications, to name a few. Critical infrastructure has to be protected from a wide variety of threats, both domestic and foreign. Given the nature of critical infrastructure, much of it is interconnected and interoperates through the use of technology—thus increasing the overall risk of possible threats.

As such, every country follows a variety of procedures and operations to minimize the risk of interrupting any critical infrastructure operations. It has to be mentioned here, though, that no one can completely erase the risk because, at any given time, there may be vulnerabilities in those infrastructures that we are not aware of.

As mentioned above, critical infrastructure holds huge significance for a country, and as such, these elements are considered HVTs (high-value targets) to enemies. The most convenient way to attack critical infrastructure is by using the Internet. Because of the nature of the target, attacks have to be carefully planned and specially “crafted” so that they can be carried out successfully. Such attacks are called advanced persistent threats (APTs). One of the most well-known APT attacks was delivered using Stuxnet, although that is not the only one.

Over the past few years, we have witnessed a lot of APT attacks against U.S. corporations such as Google, and even against U.S. government agencies. According to a report, most of these attacks can be traced back to China. China is operating a group called PLA Unit 61398, stationed in Shanghai and directly associated with the CPC, and it it tasked with cyber-espionage operations. In September 2014, the FBI issued a warning regarding a more advanced cyber-espionage group dubbed Axiom. In May 2014, the U.S. DoJ issued an indictment for five PLA Unit 61398 officials.