Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
Very nice post. I just stumbled upon your weblog and wished to say that I’ve truly enjoyed surfing around your blog posts.
In any case I will be subscribing to your feed and I hope you write again very soon!
It’s an amazing article in favor of all the web people; they will get benefit from it
I am sure.
Nice post. I was checking continuously this blog and I am impressed!
Very helpful information specifically the last part :
) I care for such info much. I was seeking this particular info for a long time.
Thank you and good luck.
cialis fiyat hacklink index.
This is a topic which is close to my heart… Best wishes!
Where are your contact details though?
Thanks very interesting blog!
I am regular reader, how are you everybody? This piece of writing posted at this web page is in fact nice.
I think this is one of the most significant info for me.
And i am glad reading your article. But wanna remark on some
general things, The website style is perfect, the articles is really excellent : D.
Good job, cheers
Thanks very nice blog!
Excellent way of describing, and fastidious paragraph to get information concerning my presentation subject
matter, which i am going to deliver in college.
It is the best time to make some plans for the future and it’s time to be happy.
I’ve read this post and if I could I wish to suggest you few interesting things or suggestions.
Perhaps you can write next articles referring to this article.
I desire to read even more things about it!
Thanks in support of sharing such a pleasant
opinion, paragraph is good, thats why i have read it entirely
hey there and thank you for your information – I’ve definitely picked up something new from right here.
I did however expertise a few technical issues using this web site, since I
experienced to reload the site a lot of times previous to I could get it to load
correctly. I had been wondering if your web hosting is OK?
Not that I am complaining, but sluggish loading instances times will very
frequently affect your placement in google and could
damage your high quality score if ads and marketing with Adwords.
Anyway I’m adding this RSS to my email and could look out for a lot more of
your respective intriguing content. Ensure that you
update this again soon.
My programmer is trying to persuade me to move to .net from PHP.
I have always disliked the idea because of the costs.
But he’s tryiong none the less. I’ve been using Movable-type on a number of websites for about a year and am concerned about switching to another platform.
I have heard good things about blogengine.net. Is there a way I can import all my wordpress posts into it?
Any help would be greatly appreciated!
Nice response in return of this issue with real
arguments and explaining everything regarding that.
I think this is among the most vital info for me. And i’m glad reading your article.
But should remark on few general things, The web
site style is wonderful, the articles is really great :
D. Good job, cheers
I like the valuable info you provide to your articles.
I will bookmark your blog and take a look at once more here frequently.
I am reasonably certain I’ll be told a lot of new stuff right here!
Best of luck for the following!
I will right away grab your rss feed as I can’t to find your e-mail subscription link or newsletter service.
Do you have any? Please allow me understand so that I could subscribe.
Thanks.
Good post. I learn something totally new and challenging on blogs I stumbleupon everyday.
It will always be exciting to read articles from other authors and practice
something from their web sites.
Thanks for sharing your thoughts on https://www.depotmassage.top/. Regards