Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
Heya i am for the first time here. I came across this board and I find It truly useful & it helped me out a lot.
I hope to offer something back and aid others like you aided me.
Great post. I was checking constantly this blog and I am impressed!
Extremely helpful information particularly the last part 🙂
I care for such info much. I was looking for this particular
information for a very long time. Thank you
and good luck.
Hello there I am so grateful I found your webpage,
I really found you by error, while I was looking on Digg for something else, Anyways
I am here now and would just like to say many thanks for a fantastic
post and a all round interesting blog (I also love the theme/design), I don’t have time to read through it all at the minute but I have book-marked it and also added in your RSS feeds, so when I have time I will be back to read
a lot more, Please do keep up the superb job.
Hi there I am so happy I found your website, I really found you
by mistake, while I was searching on Google for something else, Nonetheless I am here now and would just like to
say cheers for a remarkable post and a all round exciting blog (I also love the theme/design), I
don’t have time to browse it all at the moment but I have book-marked it and also
added your RSS feeds, so when I have time I
will be back to read more, Please do keep up the fantastic b.
You really make it seem so easy with your presentation however I in finding this
topic to be actually one thing that I feel I’d by no means understand.
It seems too complex and very large for me. I am having a look forward in your subsequent post, I’ll attempt to get the dangle of it!
I got this website from my friend who told me on the
topic of this web page and at the moment this time I am visiting this site and reading very informative articles at this place.
This is a topic that is close to my heart… Cheers!
Exactly where are your contact details though?
When I initially commented I clicked the “Notify me when new comments are added” checkbox and
now each time a comment is added I get three e-mails with the same comment.
Is there any way you can remove people from that service?
Thanks a lot!
Marvelous, what a web site it is! This weblog gives helpful facts
to us, keep it up.
I’ve been browsing online more than three hours today, yet I never found any interesting article like yours.
It is pretty worth enough for me. In my opinion, if all
webmasters and bloggers made good content as you did,
the web will be much more useful than ever before.
I am really impressed with your writing skills as well
as with the layout on your blog. Is this a paid theme or did you modify it yourself?
Anyway keep up the nice quality writing, it’s rare to see a great blog like this
one today.
Hello there, I found your site by the use of
Google whilst looking for a comparable matter, your web site got here up,
it looks great. I have bookmarked it in my google
bookmarks.
Hello there, simply changed into aware of your blog via Google, and found that
it’s truly informative. I am going to watch out for brussels.
I’ll be grateful if you continue this in future. Many other folks
can be benefited out of your writing. Cheers!
Tank you a bunch for sharing this with all folks you really know
what you are speakong approximately! Bookmarked.
Please also talk over with my website =). We could have a link exchange agreement
among us!
Film streaming gratuit HD/4K en VF HDss, Film en streaming,
Regarder meilleurs Films sur hdss.to GRATUIT.
Its like you read my mind! You seem to know so much about this, like you wrote
the book in it or something. I think that you can do with some pics to drive the
message home a bit, but other than that, this is magnificent blog.
A fantastic read. I’ll certainly be back.
làm vách thạch cao phòng ngủ quận 6
An outstanding share! I have just forwarded this onto a friend who
had been conducting a little homework on this.
And he in fact bought me dinner simply because I stumbled upon it for him…
lol. So let me reword this…. Thanks for the meal!! But yeah, thanks for spending the time to discuss this matter here
on your web page.
This is a really good tip especially to those new to the blogosphere.
Simple but very accurate information… Thank you for sharing
this one. A must read post!
They are not new text messaging acronyms – these are actually acronyms
for gaming and this article is going to introduce you to many of the more widespread forms.
One of the most popular sites that your particular teens
may wish to visit is dress up the portals
that incorporate games for teens that they’re going to enjoy.
Usually many gamblers lose a good deal simply because they don’t distribute their set budget.
The online on-line computer games has made its market worldwide and entertaining
many players of the age group. One of the most popular sites
that your teens may want to visit is spice up the portals which contain games for teens that they’re going to enjoy.
There are a lots of people who use these games like
a stress buster on their own and the others find then fun after
a long day of work.
Hi there are using WordPress for your blog platform? I’m new to the blog world but I’m trying to
get started and set up my own. Do you require any html coding expertise to make
your own blog? Any help would be really appreciated!