Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
I’m amazed, I must say. Seldom do I encounter a blog that’s both
educative and amusing, and let me tell you, you have hit
the nail on the head. The issue is something that too few men and women are speaking intelligently about.
I am very happy that I stumbled across this during my search
for something regarding this.
I enjoy what you guys are usually up too.
This kind of clever work and coverage! Keep up the fantastic works guys I’ve incorporated
you guys to our blogroll.
hello there and thank you for your info – I’ve definitely
picked up anything new from right here. I did however expertise a
few technical issues using this website, as I experienced to reload the website lots of times previous to I could get it
to load correctly. I had been wondering if your hosting
is OK? Not that I’m complaining, but slow loading instances
times will sometimes affect your placement in google and can damage your quality
score if advertising and marketing with Adwords.
Well I am adding this RSS to my e-mail and could look out for a lot more of your respective fascinating
content. Make sure you update this again very soon.
Hey! Would you mind if I share your blog with my facebook group?
There’s a lot of people that I think would really appreciate your
content. Please let me know. Cheers
I don’t even know how I ended up here, but I thought this post was good.
I do not know who you are but certainly you’re going to a famous blogger if you
are not already 😉 Cheers!
Hello, of course this article is genuinely nice and I have learned
lot of things from it about blogging. thanks.
It is appropriate time to make some plans for the
future and it’s time to be happy. I have read this post and if I could I wish to suggest you some interesting things
or advice. Perhaps you could write next articles referring to this article.
I desire to read more things about it!
I have read so many articles or reviews on the topic of the blogger lovers
however this paragraph is in fact a pleasant piece of writing, keep it up.
backlink index bionluk backlinkc
Hi, Neat post. There’s an issue with your site in internet explorer, would test this?
IE still is the market leader and a good element of
folks will leave out your magnificent writing because of this problem.
Hiya! Quick question that’s totally off topic. Do
you know how to make your site mobile friendly? My web
site looks weird when viewing from my apple iphone.
I’m trying to find a theme or plugin that might be able to resolve this
problem. If you have any recommendations, please share.
With thanks!
If you are going for best contents like myself, simply pay a visit
this web page everyday as it provides quality contents,
thanks
You’re so interesting! I do not believe I have read through a single
thing like this before. So great to find someone with a few genuine
thoughts on this subject. Seriously.. many thanks for starting this up.
This site is something that is required on the internet, someone
with some originality!
I was suggested this website by my cousin. I am not
sure whether this post is written by him as nobody else know such detailed about my trouble.
You are incredible! Thanks!
Saved as a favorite, I love your web site!
web site indexletme işi.
I like thе valuable information you provide օn your articles.
I’ll bookmark your blog and check once more һere regularly.
I’m fairly ѕure Ι’ll Ƅe told lots of new stuff riցht hегe!
Goօԁ luck for thе folⅼoᴡing!
You actually make it appear really easy with your presentation but I in finding this topic to be actually one thing that I believe I’d by no
means understand. It kind of feels too complex and very extensive for me.
I’m having a look forward on your next post, I’ll attempt to
get the hold of it!
Do you mind if I quote a couple of your articles as long as I provide credit
and sources back to your website? My blog is in the very same area of interest as yours and my visitors would genuinely benefit from some of the information you provide here.
Please let me know if this ok with you. Many thanks!
Ahaa, its pleasant conversation on the topic of this paragraph here at this web site, I have
read all that, so now me also commenting here.