Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
I read this paragraph fully about the difference of newest and earlier technologies,
it’s amazing article.
I’m impressed, I have to admit. Rarely do I encounter
a blog that’s equally educative and amusing, and let me tell you, you have hit the nail on the head.
The issue is an issue that too few people are speaking intelligently about.
I am very happy I came across this during my search for
something relating to this.
I do not even understand how I stopped up right here, but I thought this
post was once great. I do not understand who you might be but definitely you’re going to a famous blogger if you aren’t already.
Cheers!
Hurrah! In the end I got a website from where I be able to
really obtain helpful information concerning my study and knowledge.
Hello! Would you mind if I share your blog with my myspace group?
There’s a lot of people that I think would really appreciate your content.
Please let me know. Thank you
Pretty nice post. I just stumbled upon your weblog and wanted to say that I’ve really loved surfing
around your weblog posts. After all I’ll be subscribing on your rss feed
and I hope you write again soon!
Quality articles or reviews is the key to invite the viewers to pay a quick visit the web site, that’s what this site
is providing.
Good article! We will be linking to this great content on our site.
Keep up the good writing.
I am sure this article has touched all the internet visitors, its really really pleasant paragraph on building up
new blog.
These are genuinely enormous ideas in about blogging. You have touched some good points here.
Any way keep up wrinting.
Hello, of course this post is truly pleasant and I have learned lot of things from it on the topic of blogging.
thanks.
If some one needs expert view concerning running a blog afterward i suggest him/her to visit this weblog, Keep up the good work.
If you are going for best contents like
me, just pay a visit this web page all the time
for the reason that it presents quality contents,
thanks
Its not my first time to pay a visit this website, i am visiting this web page
dailly and obtain good data from here everyday.
Greetings from Florida! I’m bored to death at
work so I decided to check out your blog on my iphone during lunch break.
I really like the knowledge you present here and can’t
wait to take a look when I get home. I’m amazed at how quick your blog loaded
on my mobile .. I’m not even using WIFI, just 3G .. Anyways, very good site!
Have you ever considered writing an ebook or guest
authoring on other websites? I have a blog based upon on the same ideas you discuss and would love
to have you share some stories/information. I know my subscribers would enjoy your work.
If you’re even remotely interested, feel free to send me an email.
What a information of un-ambiguity and preserveness of precious experience regarding unexpected emotions.
Good day! Do you know if they make any plugins to safeguard against hackers?
I’m kinda paranoid about losing everything I’ve
worked hard on. Any suggestions?
Hello, just wanted to mention, I enjoyed this post. It was inspiring.
Keep on posting!
Hello my family member! I want to say that this article is awesome, great written and come with almost all vital infos.
I’d like to see extra posts like this .