Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
What i do not realize is in truth how you’re no longer really a lot more neatly-liked than you might be now.
You’re very intelligent. You already know thus considerably relating
to this matter, produced me in my opinion consider
it from so many varied angles. Its like men and women don’t
seem to be interested until it is one thing to accomplish with Lady gaga!
Your individual stuffs great. Always maintain it up!
I’m really impressed with your writing skills and also with the layout on your blog.
Is this a paid theme or did you customize it yourself?
Either way keep up the excellent quality writing, it is rare to
see a nice blog like this one today.
Attractive section of content. I just stumbled upon your web site and in accession capital to assert that I get in fact enjoyed account your blog posts.
Any way I’ll be subscribing to your augment and even I achievement you access consistently rapidly.
My spouse and I stumbled over here by a different web page and thought I may as well check things out.
I like what I see so now i am following you. Look forward to going over your web page for a second
time.
hey there and thank you for your information –
I’ve certainly picked up anything new from right
here. I did however expertise a few technical
issues using this site, as I experienced to reload the website many times previous to I could
get it to load properly. I had been wondering if your hosting is
OK? Not that I’m complaining, but slow loading instances times will often affect your
placement in google and could damage your high-quality score if advertising and marketing with Adwords.
Anyway I am adding this RSS to my email and could look out
for much more of your respective intriguing content. Ensure that you update this again very
soon.
It’s remarkable to pay a visit this website and reading
the views of all mates about this paragraph, while I am also zealous of
getting know-how.
I am sure this piece of writing has touched all the
internet users, its really really good article on building up new blog.
Howdy! I understand this is sort of off-topic however I needed to
ask. Does managing a well-established website like yours require a large amount of work?
I am completely new to writing a blog however I do write
in my diary everyday. I’d like to start a blog so I can easily share
my experience and views online. Please let me know if you have any suggestions or tips for new aspiring bloggers.
Appreciate it!
Hi there, yes this paragraph is actually fastidious and I have learned lot of things from it about blogging.
thanks.
whoah this weblog is magnificent i like reading your posts.
Keep up the great work! You know, lots of individuals are searching
round for this information, you can help them greatly.
Hi there! I could have sworn I’ve been to this site
before but after checking through some of the post
I realized it’s new to me. Anyhow, I’m definitely glad I found it
and I’ll be book-marking and checking back
frequently!
I really like what you guys tend to be up too. Such clever work and
exposure! Keep up the superb works guys I’ve added you guys to my
blogroll.
Amazing issues here. I am very satisfied to peer your post.
Thanks a lot and I am taking a look forward to contact you.
Will you kindly drop me a e-mail?
Thanks , I have just been looking for information approximately
this topic for a while and yours is the best I have found out till now.
But, what in regards to the conclusion? Are you certain in regards to the supply?
Ahaa, its nice discussion about this article at this place at this
weblog, I have read all that, so at this time me also
commenting at this place.
I have read so many posts regarding the blogger lovers except
this article is actually a nice piece of writing, keep it up.
I wanted to thank you for this very good read!!
I certainly enjoyed every little bit of it. I’ve got you book-marked to check out new stuff you post…
It’s amazing in favor of me to have a web site, which is beneficial for my experience.
thanks admin
hello there and thank you for your info – I have certainly picked
up something new from right here. I did however expertise a few technical issues using this website, since I experienced to reload the website many times previous to I could get it to load properly.
I had been wondering if your hosting is OK? Not that I am complaining,
but sluggish loading instances times will sometimes affect your placement in google
and could damage your high-quality score if ads and marketing with Adwords.
Well I’m adding this RSS to my email and can look out for a lot more of
your respective fascinating content. Ensure that you update this again soon.
Very nice post. I simply stumbled upon your weblog and wanted to mention that I have truly enjoyed surfing
around your weblog posts. After all I’ll be subscribing in your feed and
I’m hoping you write once more soon!