Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
This website truly has all of the information and facts I wanted concerning this subject and didn’t know who to ask.
I’m not that much of a internet reader to be honest
but your blogs really nice, keep it up! I’ll go ahead and
bookmark your site to come back later on. Many thanks
Thanks for your personal marvelous posting!
I genuinely enjoyed reading it, you may be a great
author.I will be sure to bookmark your blog and will eventually come back down the road.
I want to encourage you to definitely continue your great writing,
have a nice evening!
I like the helpful info you provide in your articles.
I’ll bookmark your weblog and check again here regularly.
I’m quite sure I’ll learn a lot of new stuff right here!
Best of luck for the next!
Howdy! I could have sworn I’ve visited this blog before but after going through some
of the articles I realized it’s new to me. Nonetheless, I’m
certainly pleased I stumbled upon it and I’ll be bookmarking it and checking back regularly!
Admiring the time and effort you put into your website and detailed information you offer.
It’s awesome to come across a blog every once in a while that isn’t the same old rehashed material.
Wonderful read! I’ve bookmarked your site and I’m
including your RSS feeds to my Google account.
We are a bunch of volunteers and starting a new scheme in our community.
Your site offered us with useful info to work on. You have done a
formidable job and our entire community might be grateful to
you.
What’s up friends, good piece of writing and fastidious arguments
commented here, I am actually enjoying by these.
Howdy! I know this is somewhat off topic but I was wondering which blog platform are you using for this website?
I’m getting tired of WordPress because I’ve had problems with hackers and I’m looking at options
for another platform. I would be great if you could point me in the direction of a good
platform.
Hi there! Quick question that’s totally off topic. Do you
know how to make your site mobile friendly? My web site looks weird when browsing
from my apple iphone. I’m trying to find a theme or plugin that might be
able to resolve this problem. If you have any recommendations, please share.
With thanks!
I’ve been exploring for a bit for any high-quality
articles or blog posts on this sort of house .
Exploring in Yahoo I at last stumbled upon this site.
Studying this information So i am satisfied to show that I have a
very excellent uncanny feeling I discovered just what I needed.
I such a lot undoubtedly will make sure to don?t overlook this web site and give it a look regularly.
Wonderful blog! I found it while surfing around on Yahoo News.
Do you have any tips on how to get listed in Yahoo
News? I’ve been trying for a while but I never seem to get there!
Many thanks
If some one wants expert view regarding blogging and site-building
afterward i suggest him/her to pay a quick visit this weblog, Keep
up the fastidious job.
Hi to all, as I am genuinely eager of reading this website’s post to
be updated regularly. It contains nice material.
Link exchange is nothing else but it is just placing the other person’s weblog link on your page at suitable place and other person will also
do similar in support of you.
Good replies in return of this difficulty with solid arguments and
describing all concerning that.
It’s amazing to pay a quick visit this web page and reading the views
of all colleagues on the topic of this post, while I
am also keen of getting familiarity.
Does your site have a contact page? I’m having trouble
locating it but, I’d like to send you an email. I’ve got some recommendations for your blog
you might be interested in hearing. Either way, great blog and I look forward to seeing it develop over time.
You actually make it seem so easy with your presentation however I find this topic to be really
something that I believe I’d by no means understand.
It sort of feels too complex and very broad for me.
I’m having a look forward to your subsequent submit,
I’ll try to get the cling of it!
Great beat ! I would like to apprentice while you amend your website, how could i subscribe for a blog web site?
The account aided me a acceptable deal. I had been a little bit acquainted
of this your broadcast offered bright clear concept