Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
Hello! Would you mind if I share your blog with my zynga group?
There’s a lot of folks that I think would really
appreciate your content. Please let me know. Cheers
I’ve been browsing online greater than three hours lately,
but I never discovered any attention-grabbing article like yours.
It is lovely value sufficient for me. In my view, if all website owners and bloggers made good content material as you probably did,
the internet will likely be a lot more helpful than ever
before.
What’s Going down i am new to this, I stumbled upon this I’ve discovered It positively useful and it
has aided me out loads. I am hoping to contribute &
aid other customers like its helped me. Great job.
Wow! This blog looks just like my old one! It’s on a entirely different subject
but it has pretty much the same page layout and design. Outstanding choice of colors!
Pretty section of content. I just stumbled
upon your site and in accession capital to assert that I
acquire actually enjoyed account your blog posts.
Any way I will be subscribing to your augment and even I
achievement you access consistently rapidly.
There’s certainly a lot to find out about this subject.
I really like all of the points you have made.
You’ve made some good points there. I looked on the web to learn more about the issue and found most people will go along
with your views on this website.
경산출장안마
철원콜걸
W
카지노사이트
I have been browsing online more than 3 hours today, yet I never found any interesting article like yours.
It is pretty worth enough for me. In my opinion,
if all webmasters and bloggers made good content as you
did, the internet will be much more useful than ever before.
Hi there to every body, it’s my first visit of this webpage;
this website contains amazing and truly good material for visitors.
I think this is one of the most important info for me.
And i am glad reading your article. But want to remark on some general
things, The site style is ideal, the articles is really nice :
D. Good job, cheers
Howdy! I simply want to give you a big thumbs up for your
great info you have right here on this post. I will be returning to your blog
for more soon.
Hey just wanted to give you a quick heads up. The text in your post seem to be running off the screen in Internet explorer.
I’m not sure if this is a format issue or something to do with web browser compatibility but I thought I’d post to let you
know. The layout look great though! Hope you get the issue fixed
soon. Cheers
Fabulous, what a blog it is! This website provides helpful facts to us,
keep it up.
Hi there to every one, it’s in fact a pleasant for me to go to see this website, it contains helpful Information.
Hey I know this is off topic but I was wondering if you knew of any
widgets I could add to my blog that automatically
tweet my newest twitter updates. I’ve been looking for a plug-in like this
for quite some time and was hoping maybe you would have some experience
with something like this. Please let me know if you run into anything.
I truly enjoy reading your blog and I look forward to your new updates.
I was suggested this web site by my cousin. I am not sure
whether this post is written by him as nobody else know such detailed about
my problem. You are incredible! Thanks!
Wonderful blog! I found it while surfing around on Yahoo News.
Do you have any tips on how to get listed in Yahoo News?
I’ve been trying for a while but I never seem to get there!
Cheers
Your style is really unique in comparison to
other folks I’ve read stuff from. I appreciate you
for posting when you have the opportunity, Guess I
will just book mark this page.
An intriguing discussion is definitely worth comment.
I think that you should write more on this issue, it may not be a taboo
matter but generally folks don’t speak about such subjects.
To the next! Best wishes!!
Wow, this paragraph is nice, my younger sister is analyzing these
things, therefore I am going to tell her.