Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
What’s up Dear, are you genuinely visiting this site on a
regular basis, if so after that you will absolutely obtain nice knowledge.
Thanks for one’s marvelous posting! I quite enjoyed reading it,
you might be a great author. I will remember to bookmark your blog and will come back
someday. I want to encourage yourself to continue your great job,
have a nice morning!
Hey there! This post couldn’t be written any better!
Reading through this post reminds me of my good old room mate!
He always kept talking about this. I will forward
this write-up to him. Pretty sure he will have a good read.
Thanks for sharing!
Great delivery. Great arguments. Keep up the great work.
I am really inspired together with your writing talents as neatly as with the format to your blog.
Is that this a paid subject matter or did you modify
it your self? Either way stay up the excellent quality writing, it
is uncommon to see a great weblog like this one these days..
I every time used to read paragraph in news papers but now as I am
a user of web therefore from now I am using net for posts, thanks to
web.
Greetings from Colorado! I’m bored to tears at work so I
decided to browse your website on my iphone during lunch break.
I really like the information you present here and can’t wait to take
a look when I get home. I’m shocked at how quick your blog loaded
on my phone .. I’m not even using WIFI, just 3G ..
Anyhow, great blog!
Hi my friend! I wish to say that this post is awesome,
great written and include almost all significant infos.
I would like to look more posts like this .
Very nice article, totally what I needed.
It is appropriate time to make some plans for the future
and it’s time to be happy. I have read this post
and if I could I desire to suggest you some interesting
things or advice. Maybe you could write next articles referring to this article.
I want to read even more things about it!
Hi there, the whole thing is going well here and ofcourse every one is sharing data, that’s really fine, keep up writing.
I know this site presents quality depending articles and
additional material, is there any other web
page which provides these kinds of information in quality?
When some one searches for his required thing, therefore he/she
desires to be available that in detail, thus that thing is maintained over here.
We are a group of volunteers and opening a new scheme in our community.
Your web site provided us with valuable information to work on.
You have done a formidable job and our whole community will be grateful to you.
Hey there! This post couldn’t be written any better! Reading this
post reminds me of my old room mate! He always kept talking about this.
I will forward this page to him. Pretty sure he will
have a good read. Thank you for sharing!
If you wish for to increase your familiarity just keep visiting this site and be updated with the most up-to-date news posted here.
Hi there everyone, it’s my first pay a visit at this web page, and post is actually fruitful designed for me,
keep up posting such articles or reviews.
Sweet blog! I found it while searching on Yahoo News. Do
you have any tips on how to get listed in Yahoo News?
I’ve been trying for a while but I never seem to get there!
Appreciate it
Hello there! This is my 1st comment here so I just wanted
to give a quick shout out and say I truly enjoy reading through your articles.
Can you suggest any other blogs/websites/forums that go over the
same subjects? Thank you!
It’s fantastic that you are getting ideas from this article as well
as from our dialogue made here.