Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
Good day! I could have sworn I’ve visited this
blog before but after browsing through many of the posts
I realized it’s new to me. Regardless, I’m definitely happy
I came across it and I’ll be book-marking it and checking back frequently!
An outstanding share! I’ve just forwarded this onto a
colleague who had been doing a little research on this.
And he in fact bought me lunch simply because I stumbled upon it for him…
lol. So allow me to reword this…. Thank YOU for the meal!!
But yeah, thanks for spending some time to talk about this issue here on your site.
web site index.
Admiring the time and energy you put into your website and detailed information you present.
It’s great to come across a blog every once in a while that isn’t the
same old rehashed information. Great read! I’ve saved
your site and I’m including your RSS feeds to my
Google account.
Great blog! Is your theme custom made or did you
download it from somewhere? A theme like yours with a few simple tweeks would really make my blog stand out.
Please let me know where you got your design. Appreciate it
Thanks on your marvelous posting! I quite enjoyed reading it,
you can be a great author.I will always bookmark your blog and definitely will come back in the foreseeable future.
I want to encourage yourself to continue your great posts,
have a nice holiday weekend!
I’d like to thank you for the efforts you have put in writing this website.
I really hope to check out the same high-grade blog posts from you later on as well.
In fact, your creative writing abilities has inspired me to get my very own site now 😉
Hey! I could have sworn I’ve been to this site before but after checking through some of the post I realized it’s
new to me. Nonetheless, I’m definitely happy I found it and I’ll be bookmarking and checking back often!
Very rapidly this web page will be famous among all blogging and site-building viewers,
due to it’s nice articles or reviews
I pay a visit daily a few web sites and sites to read content,
however this webpage offers quality based content.
I relish, cause I found exactly what I used to be looking for.
You have ended my 4 day lengthy hunt! God Bless you man. Have
a nice day. Bye
Very soon this web site will be famous amid all blogging and site-building users, due to
it’s nice articles
Yes! Finally someone writes about 화성출장샵.
After going over a few of the blog articles on your web site, I seriously like your technique of blogging.
I saved as a favorite it to my bookmark site list and will be checking back in the near future.
Take a look at my website as well and tell me how you feel.
Hi there colleagues, fastidious piece of writing and good urging commented
here, I am actually enjoying by these.
I’d like to thank you for the efforts you have put in writing this
website. I am hoping to check out the same
high-grade content by you later on as well. In fact, your creative
writing abilities has encouraged me to get my own, personal site now 😉
Very nice blog post. I definitely love this website.
Keep writing!
I got this website from my pal who informed me regarding this web site and at the moment this time I
am visiting this website and reading very informative articles or reviews at this place.
Pretty! This was a really wonderful post. Thanks for providing
this info.
It’s very effortless to find out any topic on web as compared to
textbooks, as I found this article at this web page.