Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
I love your blog.. very nice colors & theme. Did you create this website yourself or did you hire someone to do it for
you? Plz answer back as I’m looking to construct my own blog and would like to know where u got this from.
kudos
Why visitors still make use of to read news papers when in this technological globe
everything is existing on web?
I’m really impressed with your writing skills and also with
the layout on your blog. Is this a paid theme or did you customize
it yourself? Anyway keep up the nice quality writing, it’s rare to see a great blog like
this one these days.
You’ve made some good points there. I looked
on the internet to learn more about the issue
and found most individuals will go along with your views on this web site.
Nice response in return of this matter with firm arguments
and describing everything on the topic of that.
Wonderful website. A lot of useful info here.
I am sending it to several buddies ans additionally sharing
in delicious. And obviously, thank you on your sweat!
I’m curious to find out what blog platform you’re using?
I’m experiencing some small security issues with my latest site and I would like
to find something more secure. Do you have any suggestions?
If you wish for to take a good deal from this post then you have to apply such
methods to your won web site.
I am regular visitor, how are you everybody?
This post posted at this site is genuinely fastidious.
Way cool! Some extremely valid points! I appreciate you writing this write-up and also the rest of the site is also really good.
I believe that is one of the most important information for me.
And i am happy reading your article. However should statement on some normal issues,
The web site taste is ideal, the articles is in reality
excellent : D. Good activity, cheers
I just like the helpful information you supply for
your articles. I’ll bookmark your weblog and check again right here
frequently. I am slightly sure I will be told many new stuff
right here! Best of luck for the following!
Hello there, just became alert to your blog through Google, and found
that it’s truly informative. I’m gonna watch out for
brussels. I’ll be grateful if you continue this in future.
A lot of people will be benefited from your writing. Cheers!
What’s up i am kavin, its my first time to commenting anyplace, when i read this article i thought i could
also create comment due to this sensible paragraph.
Hmm is anyone else having problems with the images on this blog loading?
I’m trying to find out if its a problem on my end or if it’s the blog.
Any feedback would be greatly appreciated.
My family members always say that I am wasting my time here at net, however I know I am getting know-how daily by reading such good articles
or reviews.
What i do not understood is in fact how you’re no longer actually much more well-appreciated than you might
be right now. You’re so intelligent. You understand thus significantly relating to
this topic, made me for my part consider it from numerous numerous angles.
Its like women and men aren’t fascinated until it’s something to
do with Girl gaga! Your individual stuffs excellent. All the time handle
it up!
Simply wish to say your article is as astonishing.
The clarity on your submit is just great and i can think you’re an expert on this subject.
Well with your permission allow me to take hold of your
feed to stay up to date with coming near
near post. Thank you one million and please carry on the rewarding work.
I like the valuable info you provide to your articles.
I’ll bookmark your weblog and take a look at again here frequently.
I’m reasonably sure I will be informed many
new stuff right right here! Best of luck for the next!
A motivating discussion is worth comment. There’s no doubt that that you ought to publish more about this topic, it might not be a taboo subject but usually folks don’t speak about these issues.
To the next! Many thanks!!