Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
I’ve been exploring for a little bit for any high quality articles or
weblog posts in this sort of house . Exploring in Yahoo I finally stumbled upon this website.
Studying this info So i am glad to convey that I have a very good uncanny feeling I found out exactly what
I needed. I so much no doubt will make sure to do not overlook this website and provides it a glance regularly.
Thanks to my father who shared with me concerning this web site, this blog is genuinely remarkable.
These are in fact impressive ideas in concerning blogging.
You have touched some good points here. Any way keep
up wrinting.
It’s perfect time to make a few plans for the long run and it is time to be
happy. I have read this publish and if I may just
I wish to suggest you few interesting issues or advice.
Maybe you could write subsequent articles referring to this article.
I desire to read more things approximately it!
With havin so much written content do you ever run into any issues of
plagorism or copyright violation? My blog has a lot of completely unique content I’ve
either created myself or outsourced but it looks
like a lot of it is popping it up all over the internet without
my agreement. Do you know any ways to help stop content from being stolen? I’d really
appreciate it.
I was wondering if you ever considered changing the layout of your website?
Its very well written; I love what youve got to say.
But maybe you could a little more in the way of content so
people could connect with it better. Youve got an awful lot
of text for only having one or 2 images. Maybe you could space it out better?
Incredible story there. What occurred after? Thanks!
Fantastic goods from you, man. I’ve understand
your stuff previous to and you’re just extremely magnificent.
I actually like what you’ve acquired here, really like
what you’re saying and the way in which you say it.
You make it enjoyable and you still care for to keep it sensible.
I can not wait to read much more from you. This is really
a great site.
Hello to every body, it’s my first pay a quick visit of this blog; this weblog consists of remarkable and
genuinely good information in favor of readers.
I’m curious to find out what blog system you’re using?
I’m having some small security issues with my latest website and I’d like to find
something more risk-free. Do you have any
recommendations?
Normally I don’t read post on blogs, however I would like to say that this write-up very pressured me
to check out and do so! Your writing taste has been surprised me.
Thank you, quite great post.
My spouse and I stumbled over here different website
and thought I might check things out. I like what I see so now
i’m following you. Look forward to going over your web page again.
Good blog you’ve got here.. It’s difficult to find excellent
writing like yours nowadays. I really appreciate individuals like you!
Take care!!
Whats up this is kind of of off topic but I was wondering if blogs use WYSIWYG editors or
if you have to manually code with HTML. I’m starting a blog
soon but have no coding skills so I wanted to get
guidance from someone with experience. Any help would be
greatly appreciated!
Hey there! This post couldn’t be written any better!
Reading this post reminds me of my good old room mate!
He always kept talking about this. I will forward this write-up to him.
Fairly certain he will have a good read. Thanks for sharing!
Thanks , I’ve recently been looking for information about this topic for
a long time and yours is the greatest I’ve discovered till now.
However, what in regards to the bottom line?
Are you positive concerning the supply?
Great post. I was checking continuously this weblog and I’m
inspired! Very useful information particularly the remaining section 🙂 I deal with such info a lot.
I was looking for this particular info for a long time.
Thank you and best of luck.
great publish, very informative. I’m wondering why the other experts
of this sector do not understand this. You must continue
your writing. I am confident, you have a great readers’ base already!
This site was… how do you say it? Relevant!! Finally I’ve found something that helped me.
Many thanks!
It’s an awesome piece of writing in support of all the internet people; they will obtain advantage from it
I am sure.