Do you know that The Stuxnet worm, discovered in 2010, succeeded in infecting the most secure nuclear facilities by using physical devices (USB flash drives)?
Do you know in 2016 , two nuclear powerplan in Belgium were locked down by terrorist?
Do you know that on 17-18 December 2016 Ukraine power blackout because cyberattack on powerplan system?
Terrorist attacking workstations and Supervisory Control and Data Acquisition (SCADA) systems. Cyber-attacks (by cyber terrorist or cyber-warframe that international conflicts) against Critical Infrastructures are gaining steam. Because stealth nature and potential to cause physical damage without deploying soldiers or utilizing traditional weapons, in many situations cyber-attack is the preferred method of attack.
Critical infrastructure is an asset or system which is essential for the maintenance of vital societal functions. The damage to a critical infrastructure, its destruction or disruption by natural disasters, terrorism, criminal activity or malicious behaviour, may have a significant negative impact for the security of country and the well-being of its citizens.
The following sectors and industries are widely considered to be critical infrastructure:
| Sectors | Industries |
| Energy | • Electricity
• Natural gas • Oil |
| Information and Communication Technology (ICT) | • Telecommunications (including satellites)
• Broadcasting systems • Software, hardware and networks (including the Internet) |
| Traffic and transportation | • Shipping
• Aviation • Rail transport • Road traffic • Logistics |
| Healthcare | • Healthcare
• Medicines and vaccines • Laboratories |
| Water supply | • Dams
• Storage • Treatment and distribution networks |
| Finance and insurance | • Banks
• Stock exchanges • Insurance companies • Financial services |
| Government and administration | • Government
• Parliament • Legal institutions • Emergency services |
| Nutrition and agriculture | • Food trade
• Agriculture |
| Media and cultural assets | • Radio
• Press • Symbolic buildings |
Source : National Infrastructure Protection Plan (NIPP), p. 109: U.S. Department of Homeland Security.
Cyber-attack or cyber-threat on Critical Infrastructure (CI) it have various type, but usually may include :
- Manipulate system or data – such as malware that exploit vulnerabilities in computer software and hardware components necessary for operation of CI’s;
- Shutdown crucial system – such as DDoS attacks;
- Limit access to crucial systems or information – such as through ransomware attack.
While interconnected and integrated computerized control system have significantly streamlined the way in which CIs operated and increased connectivity that mean also increase the attack surface and therefore expose Cis to a high risk of manipulation. There is table of threat in Industrial Control System :
| No. | Threat | Explanation |
| 1 | Unauthorized use of remote maintenance access points | Maintenance access points are deliberately created external entrances to the ICs network and are often insufficiently secure |
| 2 | Online attacks via office or enterprise networks | Office IT is usually linked to the network in several ways.
In most case, network connection from offices to the ICS network also exist, so attacker can gain access via this route. |
| 3 | Attacks on standard components used in the Cis network | Standard IT components (commercial off-the-shelf) such as systems software, application servers or databases often contain flaws or vulnerabilities, which can be exploited by attackers. If these standard components are also used in the ICs network, the risk of a successful attack on the ICs network increases. |
| 4 | DDoS attacks | Distributed Denial of Services attacks can impair network connection and essential resources and cause systems to fail – in order to disrupt the operation of ICs, for instance. |
| 5 | Human error and sabotage | Intentional deeds – whether by internal or external perpretators – are a massive threat to all protection targets. Negligence and human error are also a great threat, especially in relation to the protection targets confidentiality and availability. |
| 6 | Introducing malware via removable media and external hardware | The use of removable media and mobile IT components of external staff always entails great risk of malware infection. |
| 7 | Reading and writing news in the ICs network | Most control components currently use clear text protocols, so communication is unprotected. This makes it relativelyeasy to read and introduce control commands. |
| 8 | Unauthorized access to resources | Internal perpetrators and subsequent attacks following initial external penetration have it especially easy if services and components in the process network do not utilize authentication methods or if the methods are insecure. |
| 9 | Attacks on network components | Attacekrs can manipulate network component in order to carry out man-in-the-middle attacks or to make sniffing easier, for example. |
| 10 | Technical Malfunctions or force majeure | Outage resulting from extreame weather or technical malfunctions can occur at any time – risk and potential damage can only be minimazes in such cases. |
Source : OSCE 2013
Bims.
Asking questions are truly pleasant thing if you are not understanding something completely,
however this paragraph presents pleasant understanding even.
Hey there! I just wanted to ask if you ever have any trouble with hackers?
My last blog (wordpress) was hacked and I ended up losing
months of hard work due to no backup. Do you have any solutions
to prevent hackers?
This website was… how do you say it? Relevant!!
Finally I’ve found something that helped me. Many thanks!
Hey there! I know this is kinda off topic but I’d figured I’d ask.
Would you be interested in trading links or maybe guest writing a blog article or vice-versa?
My website covers a lot of the same topics as yours
and I think we could greatly benefit from each other.
If you’re interested feel free to shoot me an e-mail. I look forward to hearing
from you! Excellent blog by the way!
Hi just wanted to give you a brief heads up and let you know a few of the pictures aren’t loading properly.
I’m not sure why but I think its a linking issue.
I’ve tried it in two different browsers and both show the same results.
We’re a group of volunteers and starting a new scheme in our community.
Your website provided us with useful information to work on. You
have performed a formidable task and our whole group
can be thankful to you.
Awesome blog! Do you have any hints for aspiring writers?
I’m hoping to start my own website soon but I’m a little lost on everything.
Would you propose starting with a free platform like WordPress or go for a paid option? There are so many options out there
that I’m completely confused .. Any recommendations? Thanks!
Its such as you learn my thoughts! You appear to know so much approximately this,
like you wrote the e-book in it or something.
I think that you simply can do with a few % to force the
message home a little bit, however other than that, that is great blog.
A fantastic read. I will definitely be back.
I’m impressed, I mus say. Rarely do I encounter a blog that’s
eqally educative and engaging, and let me tell you, you have hit the nail on the head.
The problem is something not enough people are speaking intelligently about.
Now i’m very hzppy that I came across this during my hunt for something relating to
this.
Hi there to all, it’s really a good for
me to visit this web page, it contains important Information.
This piece of writing is truly a pleasant one it helps new net users, who
are wishing in favor of blogging.
No matter if some one searches for his vital thing, therefore he/she needs to be available that in detail,
thus that thing is maintained over here.
Excellent goods from you, man. I have keep in mind your stuff previous
to and you’re just extremely fantastic. I actually like
what you have received here, really like what you are
saying and the way through which you say it. You’re making it entertaining and you continue to take care of
to keep it wise. I can’t wait to learn far more from you.
That is really a wonderful web site.
You actually make it seem so easy with your presentation but I find this topic to be
actually something that I think I would never understand.
It seems too compicated and extremely broad for me. I’m
looking forward for your next post, I will try to get the hang of it!
Of that number, 148,000 are in 490 evacuation centers.
Hi there, I discovered your blog via Google while looking
for a comparable matter, your site got here up, it seems to be good.
I’ve bookmarked it in my google bookmarks.
Hello there, simply become alert to your blog via Google, and located that it
is really informative. I’m gonna be careful for brussels. I’ll be grateful in the event you proceed this in future.
Many other people might be benefited from your writing. Cheers!
Hi there, I found your blog via Google even as looking for
a related topic, your site got here up, it
appears good. I have bookmarked it in my google bookmarks.
Hello there, simply become aware of your blog thru Google, and found that it is really informative.
I am gonna be careful for brussels. I’ll be grateful in the event you proceed this in future.
Lots of folks can be benefited out of your writing.
Cheers!
I know this if off topic but I’m looking into starting my own blog and
was curious what all is required to get setup?
I’m assuming having a blog like yours would cost a pretty
penny? I’m not very internet smart so I’m
not 100% sure. Any recommendations or advice would be greatly appreciated.
Cheers
Nice blog! Is your theme custom made or did you
download it from somewhere? A design like yours with a few simple adjustements would really make my
blog shine. Please let me know where you got your design. With thanks
I was suggested this website by means of my cousin. I am no
longer sure whether or not this put up is written via
him as nobody else realize such distinct about my trouble. You’re incredible!
Thank you!