Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
Hi, Neat post. There’s an issue together with your
site in internet explorer, could check this? IE still is the market leader and a huge component of
other folks will miss your fantastic writing due to this problem.
Excellent blog here! Also your web site loads up fast!
What web host are you using? Can I get your affiliate link to your host?
I wish my website loaded up as quickly as yours
lol
Marvelous, what a web site it is! This web site presents useful
data to us, keep it up.
My brother recommended I might like this web site.
He was entirely right. This post truly made my day. You cann’t imagine just how much time I had spent
for this info! Thanks!
This blog was… how do I say it? Relevant!! Finally I have found something that helped me.
Thanks a lot!
I think this is one of the most vital info for me.
And i am glad reading your article. But should remark
on few general things, The site style is ideal, the articles is
really great : D. Good job, cheers
Hello just wanted to give you a quick heads up and let you know a few
of the pictures aren’t loading correctly. I’m not sure why but I think its a linking issue.
I’ve tried it in two different internet browsers and both show the same results.
Thanks , I have just been searching for information about this
subject for ages and yours is the greatest
I’ve discovered so far. However, what in regards to the conclusion? Are
you sure concerning the source?
iptv test denemek ücretsizdir.
Way cool! Some extremely valid points! I appreciate
you writing this write-up and also the rest of the
website is extremely good.
Hello there, I found your web site by means of Google at the same time as searching for a comparable subject, your site got here up, it looks
great. I have bookmarked it in my google bookmarks.
Hi there, simply become alert to your weblog via Google,
and located that it is really informative. I’m going to watch out for
brussels. I will appreciate in case you proceed this in future.
Many folks will likely be benefited from your writing. Cheers!
We are a group of volunteers and opening a new scheme in our
community. Your site provided us with helpful info to work on. You have performed a formidable process and our entire neighborhood might be grateful to you.
First off I want to say wonderful blog! I had a quick
question that I’d like to ask if you do
not mind. I was curious to find out how you center yourself and clear your
mind prior to writing. I’ve had a tough time clearing
my mind in getting my ideas out. I truly do enjoy
writing but it just seems like the first 10 to
15 minutes are generally lost simply just trying to figure out how to begin. Any ideas or tips?
Many thanks!
Thank you for any other informative blog. The place else
may just I am getting that type of info written in such a perfect manner?
I’ve a undertaking that I am just now operating on, and
I’ve been at the look out for such information.
I just like the valuable info you supply in your articles.
I will bookmark your weblog and test once more right here regularly.
I’m moderately sure I will learn many new stuff proper
right here! Good luck for the following!
Hey there! This post couldn’t be written any better!
Reading through this post reminds me of my previous room mate!
He always kept chatting about this. I will forward this page to him.
Fairly certain he will have a good read. Thank you for sharing!
Hello, everything is going perfectly here and ofcourse every
one is sharing facts, that’s actually fine, keep up writing.
It’s perfect time to make some plans for the future and it is time to be happy.
I have read this post and if I could I want to suggest you few interesting things or
advice. Perhaps you can write next articles referring to this article.
I want to read even more things about it!
If some one wishes to be updated with latest technologies then he must be pay a quick visit this web page and be
up to date every day.
Hurrah, that’s what I was searching for, what a data! existing here at this webpage,
thanks admin of this web page.