Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
Yesterday, while I was at work, my sister stole my apple
ipad and tested to see if it can survive a twenty five foot drop, just so she can be
a youtube sensation. My iPad is now destroyed and she has
83 views. I know this is completely off topic but I had to share it with someone!
I absolutely love your website.. Pleasant colors & theme.
Did you create this website yourself? Please reply back
as I’m attempting to create my very own blog and would love to know where you got this from or just what the theme is called.
Many thanks!
If some one wishes to be updated with most up-to-date technologies
after that he must be pay a visit this web site and be up to date everyday.
This post provides clear idea in favor of the new people of blogging, that
actually how to do running a blog.
It’s a pity you don’t have a donate button! I’d certainly donate to
this superb blog! I suppose for now i’ll settle for bookmarking and adding your RSS feed
to my Google account. I look forward to new updates and
will talk about this site with my Facebook group. Chat soon!
It’s truly a great and useful piece of information. I am satisfied that you simply shared this helpful info with us.
Please keep us up to date like this. Thank you for sharing.
Asking questions are actually pleasant thing if you are not
understanding anything entirely, but this piece of writing offers good understanding yet.
That is really attention-grabbing, You’re
an excessively professional blogger. I’ve joined your feed and
stay up for in search of more of your magnificent post.
Additionally, I’ve shared your site in my social networks
Hi, i think that i saw you visited my site so i came to
“return the favor”.I’m trying to find things to enhance my web site!I suppose its ok to use some of your ideas!!
Your style is so unique in comparison to other people I’ve read stuff from.
Thank you for posting when you’ve got the opportunity, Guess
I’ll just book mark this web site.
I have read so many articles regarding the blogger lovers but this piece
of writing is actually a good article, keep it up.
If you want to be considered a concert pianist then ten hours a day should just about cover it, or maybe start at thirty minutes every day
and gradually evolve your practice time to what you look for to do
with your new talent. A lot of Holland paintings appeared fully mature flowers and fruits which collapsed beneath the accumulated materials and pigments and stood side b side with other
withered flowers or fruits swollen by worms.
The final script : When all the required additions and deletions from
the draft script are approved.
It’s not my first time to visit this web site, i am visiting this site dailly and get nice information from here everyday.
Its like you read my mind! You appear to know a lot about
this, like you wrote the book in it or something. I think that you can do with a few pics to drive the message home a bit, but instead of that, this is excellent blog.
An excellent read. I’ll certainly be back.
Greetings from Florida! I’m bored at work so
I decided to check out your site on my iphone during lunch
break. I love the info you present here and can’t wait to take a look when I get home.
I’m shocked at how fast your blog loaded on my
phone .. I’m not even using WIFI, just 3G ..
Anyways, good site!
Hi there just wanted to give you a quick heads up and let you know a few of the pictures aren’t
loading correctly. I’m not sure why but I think its
a linking issue. I’ve tried it in two different web browsers and both show the same
results.
I do not know if it’s just me or if everyone else experiencing problems with your blog.
It appears as if some of the written text on your content are
running off the screen. Can somebody else please
provide feedback and let me know if this is happening to them too?
This might be a problem with my browser because I’ve had this happen before.
Thanks
Wonderful beat ! I wish to apprentice even as you amend your site, how can i subscribe for a blog web site?
The account aided me a appropriate deal. I have been a little bit acquainted of
this your broadcast provided vivid clear idea
This page really has all the information I needed about this subject and didn’t know who to ask.
Thank you, I have just been looking for info approximately this topic for a while and yours is
the best I have found out till now. But, what about the conclusion? Are you
sure concerning the source?