Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
Hello, just wanted to mention, I liked this
article. It was inspiring. Keep on posting!
It’s a shame you don’t have a donate button! I’d certainly donate to this superb blog!
I guess for now i’ll settle for bookmarking and adding your RSS feed to my Google account.
I look forward to new updates and will talk about this blog
with my Facebook group. Chat soon!
Howdy just wanted to give you a quick heads up. The words in your article seem to be running off the screen in Firefox.
I’m not sure if this is a formatting issue or something to do with browser compatibility
but I thought I’d post to let you know. The design and style look great
though! Hope you get the issue solved soon. Cheers
This website certainly has all of the information and facts I needed concerning
this subject and didn’t know who to ask.
You have made some really good points there. I
looked on the internet for additional information about
the issue and found most individuals will go along with your views on this web site.
It’s in fact very complex in this active life to listen news
on TV, therefore I just use internet for that reason, and obtain the hottest information.
Do you mind if I quote a couple of your articles as long as I provide credit and sources back to your weblog?
My website is in the exact same area of interest as yours and my users would truly benefit from a
lot of the information you provide here. Please let me know if this
okay with you. Thanks!
First off I want to say awesome blog! I had a quick question that I’d
like to ask if you don’t mind. I was curious to find out how you center yourself and clear your thoughts
prior to writing. I’ve had difficulty clearing my mind in getting my thoughts out.
I do take pleasure in writing but it just seems like the first 10 to 15 minutes are usually wasted just trying to figure out
how to begin. Any recommendations or hints? Thank you!
Greate article. Keep posting such kind of info on your site.
Im really impressed by it.
Hey there, You’ve done a fantastic job. I’ll certainly digg it and individually recommend to
my friends. I’m sure they’ll be benefited from this site.
Hey there! I’ve been following your site for some time now and finally got the bravery
to go ahead and give you a shout out from Humble Texas!
Just wanted to mention keep up the good work!
Saved as a favorite, I like your website!
My brother suggested I might like this website.
He was entirely right. This post truly made my day.
You cann’t imagine simply how much time I had spent for this info!
Thanks!
If you desire to improve your know-how only
keep visiting this web site and be updated with the latest news posted here.
Hello to every , as I am really keen of reading this blog’s post to be updated daily.
It carries fastidious data.
All other arms not shown (nearly unplayable).
If you are going for best contents like I do, simply visit this web
page all the time since it provides quality contents, thanks
I was able to find good information from your articles.
Photorealistic dragonfly tattoo – Want a truly realistic looking
dragonfly tattoo. In the present time where we’re sure to be workaholics I am sure we’ll
be able to find sometime to de-stress ourselves with some quality hymns like Agnus Dei by Amy Grant.
They *get* before they *give* – so they come in a good position to inform just the most pertinent details about
their client.
Hi there would you mind letting me know which web host you’re working with?
I’ve loaded your blog in 3 different browsers and I must say this blog loads a lot faster then most.
Can you suggest a good web hosting provider at a fair price?
Many thanks, I appreciate it!
Whats up very nice site!! Man .. Excellent .. Superb
.. I’ll bookmark your website and take the feeds also?
I am glad to find numerous useful info right here within the publish, we’d like work out extra techniques on this regard, thanks for sharing.
. . . . .