Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
Nice answers in return of this question with real arguments and explaining all concerning
that.
Howdy! This is kind of off topic but I need some guidance from an established blog.
Is it hard to set up your own blog? I’m not very techincal but I can figure things out pretty quick.
I’m thinking about setting up my own but I’m not
sure where to begin. Do you have any tips or suggestions?
Appreciate it
Wonderful beat ! I would like to apprentice while you amend your website, how can i
subscribe for a blog website? The account helped me a acceptable deal.
I had been tiny bit acquainted of this your broadcast provided bright clear idea
Hi, I do think this is a great site. I stumbledupon it 😉 I am
going to come back once again since i have book-marked it.
Money and freedom is the greatest way to change, may you be rich
and continue to help others.
An impressive share! I’ve just forwarded this onto a colleague who was conducting a little research on this.
And he in fact ordered me dinner due to the fact that I discovered it for him…
lol. So let me reword this…. Thank YOU for the meal!!
But yeah, thanks for spending time to talk about this issue here on your internet site.
If you are going for most excellent contents like me, only
visit this site all the time as it gives quality contents, thanks
you are truly a good webmaster. The website loading speed is amazing.
It kind of feels that you are doing any unique
trick. Moreover, The contents are masterpiece. you have done a great job in this subject!
Hello there! Quick question that’s completely off topic.
Do you know how to make your site mobile friendly?
My weblog looks weird when browsing from my iphone 4.
I’m trying to find a template or plugin that might be able
to fix this issue. If you have any recommendations,
please share. With thanks!
I know this if off topic but I’m looking into starting my own blog and was curious what all is required to get set up?
I’m assuming having a blog like yours would cost a pretty penny?
I’m not very internet savvy so I’m not 100% positive.
Any suggestions or advice would be greatly appreciated.
Cheers
Its such as you read my mind! You seem to grasp a lot approximately this, such as
you wrote the ebook in it or something. I believe that you just could
do with a few % to power the message house a little bit, but other than that, that is fantastic blog.
An excellent read. I will definitely be back.
These are truly great ideas in about blogging.
You have touched some nice points here. Any way keep up wrinting.
Hi there! This is kind of off topic but I need some advice
from an established blog. Is it hard to set up your
own blog? I’m not very techincal but I can figure things out pretty quick.
I’m thinking about creating my own but I’m not sure where to start.
Do you have any tips or suggestions? Many thanks
Does your site have a contact page? I’m having a tough time locating it but, I’d like to shoot you
an e-mail. I’ve got some ideas for your blog you might be interested in hearing.
Either way, great website and I look forward to seeing it grow
over time.
I like it whenever people come together and share views. Great blog, stick with it!
My programmer is trying to convince me to move to .net from PHP.
I have always disliked the idea because of the costs.
But he’s tryiong none the less. I’ve been using Movable-type on various
websites for about a year and am nervous about switching to another platform.
I have heard fantastic things about blogengine.net.
Is there a way I can transfer all my wordpress content into it?
Any help would be greatly appreciated!
Cool blog! Is your theme custom made or did you download it from somewhere?
A theme like yours with a few simple adjustements would really make my blog shine.
Please let me know where you got your design.
Appreciate it
Howdy, i read your blog from time to time and i own a similar one and
i was just wondering if you get a lot of spam responses?
If so how do you reduce it, any plugin or anything you can advise?
I get so much lately it’s driving me insane so any help is very much
appreciated.
I was curious if you ever considered changing the structure of your website?
Its very well written; I love what youve got to say.
But maybe you could a little more in the way of content so people could connect with it
better. Youve got an awful lot of text for only having one or two pictures.
Maybe you could space it out better?
I think everything published made a lot of sense.
However, what about this? suppose you were to
write a awesome headline? I am not suggesting your content is not good, but
suppose you added something to possibly get people’s attention? I mean Cyberattack on Critical Infrastructure – Pentesting.id is a little plain. You should peek at Yahoo’s home
page and note how they create news titles to grab people to
open the links. You might add a related video or a related picture or two to grab people excited about what you’ve got to say.
In my opinion, it might bring your posts a little bit more interesting.
Hi, Neat post. There is a problem with your website in internet explorer, could check this?
IE nonetheless is the market leader and a big part of folks will pass
over your wonderful writing because of this problem.