Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
Fantastic beat ! I wish to apprentice at the same time as you amend
your site, how could i subscribe for a weblog web site?
The account helped me a acceptable deal. I were tiny bit familiar
of this your broadcast offered vivid clear concept
What’s up to all, how is everything, I think every one is getting more from this web
site, and your views are fastidious in support of new viewers.
Yesterday, while I was at work, my cousin stole
my apple ipad and tested to see if it can survive a thirty foot drop, just so
she can be a youtube sensation. My iPad is now broken and she has 83 views.
I know this is entirely off topic but I had to share it with someone!
Pretty! This was a really wonderful article.
Thank you for providing this information.
No matter if some one searches for his vital thing,
thus he/she wants to be available that in detail, therefore that thing is maintained over here.
Aw, this was an exceptionally good post. Spending some time and actual effort to produce a very good article… but what
can I say… I procrastinate a lot and never
manage to get nearly anything done.
I got this web page from my buddy who shared with me about this website and at the moment this time I am browsing this web page and
reading very informative articles here.
Everyone loves what you guys are usually up too. This sort of clever work and reporting!
Keep up the excellent works guys I’ve added you
guys to our blogroll.
Hello! This post could not be written any better!
Reading this post reminds me of my old room mate! He always
kept chatting about this. I will forward this post to
him. Pretty sure he will have a good read.
Thanks for sharing!
What’s Taking place i am new to this, I stumbled upon this I
have found It positively helpful and it has aided me out loads.
I am hoping to contribute & aid different users like
its aided me. Good job.
Hello mates, pleasant piece of writing and good arguments commented here, I am really enjoying by these.
Thanks to my father who told me about this webpage, this website is truly awesome.
It is the best time to make a few plans for the longer term and it’s time to be happy.
I have learn this put up and if I may just I desire to counsel you some fascinating things or tips.
Perhaps you could write subsequent articles relating to this article.
I desire to learn more things about it!
This is very interesting, You’re an overly professional blogger.
I have joined your rss feed and stay up for looking for more
of your wonderful post. Also, I have shared your website in my social networks
Wonderful, what a web site it is! This webpage gives useful facts to us,
keep it up.
Hello, I enjoy reading through your post. I like to write a
little comment to support you.
What’s Happening i am new to this, I stumbled upon this I’ve found It absolutely useful
and it has helped me out loads. I’m hoping to contribute & assist
different customers like its helped me. Good job.
Hello, of course this post is really pleasant and I have learned lot of things from it concerning blogging.
thanks.
I read this paragraph completely regarding the difference of newest and preceding technologies, it’s remarkable article.
Hey there, I think your blog might be having browser compatibility
issues. When I look at your blog in Opera, it looks fine but
when opening in Internet Explorer, it has some overlapping.
I just wanted to give you a quick heads up! Other then that, excellent
blog!