Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
whoah this blog is fantastic i really like studying your posts.
Stay up the great work! You already know, lots of persons are hunting around for this info, you could aid them greatly.
I pay a visit daily a few websites and sites to read posts, but this webpage presents feature based content.
You actually make it seem so easy with your presentation but I find this matter to be actually
something that I think I would never understand.
It seems too complicated and extremely broad for me.
I’m looking forward for your next post, I will try to
get the hang of it!
Hi, i read your blog occasionally and i own a similar one and i
was just curious if you get a lot of spam comments?
If so how do you reduce it, any plugin or anything you can advise?
I get so much lately it’s driving me crazy so any
help is very much appreciated.
It’s very effortless to find out any matter on web as compared to textbooks, as I found this post at this web page.
Thanks for sharing your thoughts on https://www.samcheokmassage.club/. Regards
I think this is one of the most significant info for me.
And i’m glad reading your article. But want to remark on some general things,
The website style is perfect, the articles is really excellent : D.
Good job, cheers
I always emailed this weblog post page to
all my friends, for the reason that if like to read it next my links will too.
I would like to thank you for the efforts you’ve put in penning
this blog. I really hope to check out the same high-grade content from
you later on as well. In truth, your creative writing abilities
has motivated me to get my own blog now 😉
That is really attention-grabbing, You are a very professional blogger.
I’ve joined your feed and sit up for in the
hunt for extra of your great post. Also, I have
shared your web site in my social networks
Please let me know if you’re looking for a author for your weblog.
You have some really good articles and I think I would
be a good asset. If you ever want to take some of the load off, I’d love to write some material for your blog in exchange for
a link back to mine. Please shoot me an e-mail if interested.
Thank you!
Peculiar article, totally what I wanted to find.
Please let me know if you’re looking for a writer for your site.
You have some really great posts and I believe I would be a good
asset. If you ever want to take some of the load off, I’d really
like to write some material for your blog in exchange for
a link back to mine. Please blast me an email if interested.
Cheers!
Hello very nice website!! Man .. Beautiful .. Amazing ..
I will bookmark your site and take the feeds additionally?
I’m glad to seek out numerous helpful info right here within the publish, we want
work out extra techniques on this regard, thanks for sharing.
. . . . .
Hey just wanted to give you a quick heads up. The text in your content seem to be running off the screen in Safari.
I’m not sure if this is a format issue or something to do with internet browser
compatibility but I thought I’d post to let you know. The design and style look great though!
Hope you get the issue solved soon. Cheers
Thank you for the auspicious writeup. It in fact was a amusement account it.
Look advanced to far added agreeable from you!
However, how could we communicate?
Very quickly this web page will be famous amid all blogging and site-building users,
due to it’s fastidious articles or reviews
Highly energetic post, I enjoyed that a lot. Will there be a part 2?
Spot on with this write-up, I absolutely think this
website needs a lot more attention. I’ll probably be returning to read through more, thanks for the
advice!
Hello everyone, it’s my first visit at this web site, and post is genuinely fruitful designed for me, keep up posting
these types of articles or reviews.