Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
My partner and I stumbled over here from a different web address and thought I might as well check things out.
I like what I see so now i am following you.
Look forward to looking at your web page again.
After I initially commented I appear to have clicked on the -Notify me when new
comments are added- checkbox and from now on each time a comment is added I receive 4 emails with the exact
same comment. There has to be an easy method you can remove me from that service?
Thanks!
If you are going for best contents like myself, just go to see this
web page all the time for the reason that it gives quality
contents, thanks
Cyberattack on Critical Infrastructure – Pentesting.id
I really like it when people get together and share views. Great blog, keep it up!
Cyberattack on Critical Infrastructure – Pentesting.id
togel hongkong http://old.ordek.ru/go/?url=http%3A%2F%2F200.1.25.44%2Fuserinfo.php%3Fuid%3D1671113
I’m not sure exactly why but this web site is loading extremely slow for me.
Is anyone else having this problem or is
it a problem on my end? I’ll check back later on and see if the problem still exists.
When someone writes an article he/she maintains the idea of a
user in his/her brain that how a user can know it.
Thus that’s why this post is outstdanding.
Thanks!
Cyberattack on Critical Infrastructure – Pentesting.id
togel hongkong http://www.prepadees.fr/redirect.php?url=http%3A%2F%2F200.1.25.44%2Fuserinfo.php%3Fuid%3D1671113
Hi! Do you know if they make any plugins to assist with SEO? I’m trying to get my blog to rank for some targeted keywords but I’m not seeing very good success. If you know of any please share. Thanks!
index instafollowers good website.
Hey! This post couldn’t be written any better!
Reading through this post reminds me of my good old room mate!
He always kept talking about this. I will forward this write-up to
him. Pretty sure he will have a good read. Many thanks for
sharing!
I’m impressed, I must say. Seldom do I come across a blog that’s both educative and entertaining, and without a doubt, you’ve hit
the nail on the head. The problem is something that too few people are speaking
intelligently about. I am very happy that I stumbled
across this in my hunt for something regarding this.
Good post. I learn something totally new and challenging on blogs I stumbleupon everyday.
It’s always exciting to read articles from other authors and
use a little something from other websites.
Howdy! This is kind of off topic but I need some help from an established blog.
Is it tough to set up your own blog? I’m not very techincal but I can figure things out pretty quick.
I’m thinking about setting up my own but I’m not sure where to begin. Do you have any tips or
suggestions? Thank you
I enjoy what you guys tend to be up too. This sort of clever work and reporting!
Keep up the wonderful works guys I’ve added you guys
to our blogroll.
Informative article, totally what I wanted to find.
You really make it seem so easy with your presentation but I find this topic to be actually
something which I think I would never understand.
It seems too complex and extremely broad for me. I’m looking forward for your next
post, I’ll try to get the hang of it!
Whats up are using WordPress for your blog platform? I’m new to the blog world but I’m trying
to get started and create my own. Do you need any coding knowledge
to make your own blog? Any help would be really appreciated!
I love your blog.. very nice colors & theme. Did you create
this website yourself or did you hire someone to do it for you?
Plz answer back as I’m looking to create my own blog
and would like to know where u got this from. many
thanks