Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
It is the best time to make some plans for the future and it is time to be happy.
I’ve read this post and if I could I wish to suggest you
few interesting things or suggestions. Maybe you could
write next articles referring to this article. I want to read more things about it!
Hey I know this is off topic but I was wondering if you knew of any widgets I could add
to my blog that automatically tweet my newest twitter updates.
I’ve been looking for a plug-in like this for quite some time and was hoping maybe you would have some experience with something like this.
Please let me know if you run into anything. I
truly enjoy reading your blog and I look forward
to your new updates.
I’ve been browsing on-line more than 3 hours these days, but
I by no means found any fascinating article like yours.
It is lovely value sufficient for me. In my view, if all web owners and bloggers made
excellent content material as you did, the internet can be a
lot more useful than ever before.
Oh my goodness! Awesome article dude! Thank you so much, However I am going through difficulties with your RSS.
I don’t understand the reason why I am unable to subscribe
to it. Is there anybody else getting identical RSS problems?
Anybody who knows the solution will you kindly respond?
Thanks!!
Informative article, just what I needed.
Hello, of course this article is really good and I have
learned lot of things from it about blogging. thanks.
Heya i’m for the first time here. I came across this board and I find It
truly useful & it helped me out much. I hope to give something back and help others like you helped me.
Hello, I think your website might be having browser
compatibility issues. When I look at your website in Safari, it looks fine but when opening in Internet Explorer, it has some overlapping.
I just wanted to give you a quick heads up! Other then that,
awesome blog!
Hi there! I know this is kind of off topic but I was wondering which
blog platform are you using for this website?
I’m getting tired of WordPress because I’ve had problems with hackers and I’m looking at options for another platform.
I would be awesome if you could point me in the direction of a good platform.
I know this if off topic but I’m looking into starting my own weblog and was
wondering what all is needed to get set up? I’m assuming having a blog like yours would cost a pretty penny?
I’m not very internet savvy so I’m not 100% sure. Any suggestions
or advice would be greatly appreciated. Appreciate it
There’s definately a great deal to find out about this subject.
I really like all of the points you made.
I am no longer positive the place you’re getting
your information, but good topic. I needs to
spend a while finding out more or understanding more.
Thank you for fantastic info I was in search of this info for my mission.
Hi, yup this post is really nice and I have learned lot of things
from it concerning blogging. thanks.
After checking out a few of the blog articles on your site, I honestly appreciate your technique of writing a blog.
I book marked it to my bookmark webpage list and will be
checking back in the near future. Take a look
at my website too and tell me your opinion.
hey there and thank you for your information – I have definitely
picked up anything new from right here. I did however expertise several technical points using this website, as I experienced to
reload the site many times previous to I could get it to load properly.
I had been wondering if your hosting is OK?
Not that I’m complaining, but slow loading instances times will sometimes affect
your placement in google and could damage
your quality score if advertising and marketing with Adwords.
Well I’m adding this RSS to my email and could look out for a lot more of your respective exciting content.
Make sure you update this again very soon.
Please let me know if you’re looking for a article writer
for your weblog. You have some really great articles and
I think I would be a good asset. If you ever want to take some of the load off, I’d really like
to write some articles for your blog in exchange for a link
back to mine. Please send me an email if interested.
Thank you!
Greetings! Quick question that’s completely off topic.
Do you know how to make your site mobile friendly? My website looks weird
when viewing from my apple iphone. I’m trying to find a template or plugin that might be able
to fix this issue. If you have any suggestions, please share.
With thanks!
My partner and I stumbled over here by a different website
and thought I may as well check things out. I like what
I see so now i’m following you. Look forward to exploring your web page again.
I just like the valuable information you supply to your articles.
I will bookmark your blog and test once more here frequently.
I am slightly certain I’ll be informed many new stuff right
here! Best of luck for the following!
With havin so much content do you ever run into any issues of
plagorism or copyright violation? My blog has a lot of exclusive content I’ve either written myself
or outsourced but it appears a lot of it is popping it up
all over the internet without my agreement. Do you know any methods to help protect against content from being stolen? I’d truly
appreciate it.