Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
I blog often and I truly appreciate your information.
The article has truly peaked my interest.
I’m going to bookmark your blog and keep checking
for new details about once per week. I opted in for your RSS feed as well.
Whats up are using WordPress for your site platform?
I’m new to the blog world but I’m trying to get started and create my own. Do you need any coding knowledge to make your
own blog? Any help would be greatly appreciated!
My spouse and I stumbled over here coming from a different web
page and thought I might as well check things out.
I like what I see so i am just following you.
Look forward to going over your web page
repeatedly.
Everything is very open with a precise description of the issues.
It was truly informative. Your website is very helpful.
Thanks for sharing!
whoah this weblog is wonderful i love reading your posts.
Keep up the great work! You know, a lot of people are searching around
for this info, you can help them greatly.
The online video games has created its market all over the world and entertaining many players of each age group.
To be successful in this venture, you need to get it straight from a symptom that things hastily done are in most circumstances never done
well. This has become the hottest selection for everyone
that likes excitement.
An interesting discussion is definitely worth comment.
I believe that you need to write more on this
topic, it may not be a taboo subject but typically people
do not discuss these topics. To the next! All the best!!
I have been exploring for a bit for any high-quality articles or weblog posts on this kind of
area . Exploring in Yahoo I finally stumbled upon this site.
Studying this info So i’m happy to exhibit that I have
an incredibly just right uncanny feeling I came upon exactly what I needed.
I most without a doubt will make certain to do not forget this website and provides it a look on a constant basis.
Admiring the time and energy you put into your site and in depth information you offer.
It’s good to come across a blog every once in a while that
isn’t the same unwanted rehashed information. Great read!
I’ve saved your site and I’m adding your RSS feeds to my Google account.
I don’t even know how I ended up here, but I thought
this post was great. I do not know who you are but definitely you are going to a famous blogger if
you aren’t already 😉 Cheers!
Excellent post. I used to be checking constantly this weblog
and I’m inspired! Extremely helpful info particularly the remaining
section 🙂 I care for such information much.
I was seeking this particular info for a very lengthy time.
Thank you and best of luck.
If some one wishes to be updated with newest technologies
then he must be visit this web site and be up to date
all the time.
Right here is the right blog for everyone who wishes to find out about this topic.
You know a whole lot its almost tough to argue with you (not that
I really would want to…HaHa). You certainly put a new spin on a topic that has been discussed for decades.
Excellent stuff, just great!
Incredible points. Outstanding arguments. Keep up the
amazing effort.
Pretty nice post. I just stumbled upon your blog and wanted
to say that I have truly enjoyed surfing around your
blog posts. In any case I’ll be subscribing to your
feed and I hope you write again very soon!
There is certainly a lot to find out about this topic. I like all of the points you’ve made.
Very good article! We will be linking to this particularly great content
on our site. Keep up the good writing.
This is my first time pay a quick visit at here and i am genuinely pleassant to read all
at one place.
What’s up, for all time i used to check weblog posts here early in the morning,
for the reason that i enjoy to gain knowledge of more and more.
Saved as a favorite, I love your site!