Faults and Cyber Attacks Detection in Critical Infrastructures

2016 ◽  
pp. 283-289 ◽  
Author(s):  
Yannis Soupionis ◽  
Stavros Ntalampiras ◽  
Georgios Giannopoulos
Keyword(s):  
Cyber Attacks ◽  
Critical Infrastructures

scholarly journals A review: towards practical attack taxonomy for industrial control systems

2018 ◽  
Vol 7 (2.14) ◽  
pp. 145 ◽  
Author(s):  
Qais Saif Qassim ◽  
Norziana Jamil ◽  
Razali Jidin ◽  
Mohd Ezanee Rusli ◽  
Md Nabil Ahmad Zawawi ◽  
...  
Keyword(s):  
Control Systems ◽  
Supervisory Control ◽  
Cyber Attacks ◽  
Critical Infrastructures ◽  
Cyber Attack ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Scada System ◽  
Water Transportation ◽  
Different Types

Supervisory Control and Data Acquisition (SCADA) system is the underlying control system of most national critical infrastructures such as power, energy, water, transportation and telecommunication. In order to understand the potential threats to these infrastructures and the mechanisms to protect them, different types of cyber-attacks applicable to these infrastructures need to be identified. Therefore, there is a significant need to have a comprehensive understanding of various types of cyber-attacks and its classification associated with both Opera-tion Technology (OT) and Information Technology (IT). This paper presents a comprehensive review of existing cyber-attack taxonomies available in the literature and evaluates these taxonomies based on defined criteria.  

scholarly journals The Challenge of Cyber Attacks in the “Information Age” and the Jus Ad Bellum

2019 ◽  
Vol 5 (2) ◽  
pp. 79
Author(s):  
Pshtiwan Mohammed Qader
Keyword(s):  
International Law ◽  
Use Of Force ◽  
Information Age ◽  
Cyber Attacks ◽  
Armed Force ◽  
Critical Infrastructures ◽  
Cyber Attack ◽  
Armed Attack ◽  
Self Defense ◽  
The Right

The present paper examines the problem of cyber-attacks under existing international law. It takes the view that the (United Nations) UN Charter provisions on the use of force can be extended to cyber-attacks by means of interpretation although the relevant provisions do not explicitly address such issue. This Article argues that cyber-attacks resulting in material damage or destruction to property, death or injury to persons, or severe disruption of the functioning of critical infrastructures can be characterized as use of armed force and therefore violate the prohibition contained in article 2(4) of the Charter. However, cyber-attacks not resulting in the above consequences may be illegal intervention in the internal affairs of other states if such attacks are coercive in nature. In addition, the current study discusses that a cyber-attack which amounts to a use of armed force per se is not sufficient to give the victim state the right to self-defense, unless its scale and effects are equivalent to those of a conventional armed attack. Finally, the study concludes that an international cyber treaty is truly necessary to more effectively address cyber-attacks.

Economic Impact of Cyber Attacks on Critical Infrastructures

2019 ◽  
pp. 291-314
Author(s):  
Merve Şener
Keyword(s):  
Economic Impact ◽  
Critical Infrastructure ◽  
Cyber Attacks ◽  
Economic Losses ◽  
Critical Infrastructures ◽  
Cyber Attack ◽  
Network Systems ◽  
Financial Losses

Critical infrastructures ensure that activities that are vital and important for individuals can be safely delivered to the society uninterruptedly. The damage on these critical infrastructures caused by cyber-attacks whose control is carried out through computers and network systems is very large. Cyber-attacks directly or indirectly affect companies, institutions, and organizations economically and cause great financial losses. In this chapter, two different categories, energy and finance sector, which are described as critical infrastructure, are discussed; cyber-attacks carried out on these sectors, cyber-attack weapons, and economic losses caused by these attacks are examined.

SCADA Systems Cyber Security for Critical Infrastructures

2020 ◽  
pp. 446-464
Author(s):  
Suhaila Ismail ◽  
Elena Sitnikova ◽  
Jill Slay
Keyword(s):  
Decision Making ◽  
Data Acquisition ◽  
Case Studies ◽  
Cyber Security ◽  
Cyber Attacks ◽  
Critical Infrastructures ◽  
Physical Injury ◽  
The Public ◽  
Psychological Theories ◽  
Scada Systems

Past cyber-attacks on Supervisory Control and Data Acquisition (SCADA) Systems for Critical infrastructures have left these systems compromised and caused financial and economic problems. Deliberate attacks have resulted in denial of services and physical injury to the public in certain cases. This study explores the past attacks on SCADA Systems by examining nine case studies across multiple utility sectors including transport, energy and water and sewage sector. These case studies will be further analysed according to the cyber-terrorist decision-making theories including strategic, organisational and psychological theories based on McCormick (2000). Next, this study will look into cyber-terrorist capabilities in conducting attacks according to Nelson's (1999) approach that includes simple-unstructured, advance-structured and complex-coordinated capabilities. The results of this study will form the basis of a guideline that organisations can use so that they are better prepared in identifying potential future cybersecurity attacks on their SCADA systems.

Risk Assessment for Physical and Cyber Attacks on Critical Infrastructures

2006 ◽  
Author(s):  
J. Depoy ◽  
J. Phelan ◽  
P. Sholander ◽  
B. Smith ◽  
G.B. Varnado ◽  
...  
Keyword(s):  
Risk Assessment ◽  
Cyber Attacks ◽  
Critical Infrastructures

scholarly journals Urban resilience in the making? The governance of critical infrastructures in German cities

Urban Studies ◽  
2019 ◽  
Vol 56 (11) ◽  
pp. 2353-2371 ◽  
Author(s):  
Jochen Monstadt ◽  
Martin Schmidt
Keyword(s):  
Risk Mitigation ◽  
Cyber Attacks ◽  
Decision Makers ◽  
Critical Infrastructures ◽  
Urban Resilience ◽  
Considerable Uncertainty ◽  
Utility Companies ◽  
Local Decision ◽  
German Cities ◽  
Local Decision Makers

Over the last decade, the protection of urban infrastructures has become a focus in German security policies. These point not solely to the multiple external infrastructural threats (e.g. natural disasters, terrorist and cyber-attacks), but also to the endogenous risks of cascading failures across geographical and functional borders that arise from interlocking and often mutually dependent infrastructures. As geographical nodes in infrastructurally mediated flows, cities are considered to be particularly vulnerable to infrastructure breakdowns. Their capability to prevent and to prepare for infrastructural failures, and thus to manage infrastructural interdependencies, is seen as a major prerequisite for resilient societies. However, as our article demonstrates, the institutional capacity of the local authorities and utility companies for risk mitigation and preparedness is limited. Drawing on qualitative research in selected German cities, we argue that the governance of critical infrastructures involves considerable challenges: it overarches different, often fragmented, policy domains and territories and institutionally unbundled utility (sub-) domains. Moreover, risk mitigation and preparedness are usually not based on experience from past events, but on destructive scenarios. They involve considerable uncertainty and contestations among local decision-makers. Interviews with local experts indicate that effective governance of critical infrastructures requires more regulatory efforts by national policies. At the same time, they point to the need for identifying and assessing place-based vulnerabilities, for defining locally differentiated mitigation and preparedness strategies and for the training of local utility companies as well as crisis management.

scholarly journals Cross-Domain Security Asset Management for Healthcare

2021 ◽  
pp. 139-154
Author(s):  
Federico Stirano ◽  
Francesco Lubrano ◽  
Giacomo Vitali ◽  
Fabrizio Bertone ◽  
Giuseppe Varavallo ◽  
...  
Keyword(s):  
Asset Management ◽  
National Health System ◽  
Cyber Attacks ◽  
Critical Infrastructures ◽  
Security Systems ◽  
Cross Domain ◽  
It Systems ◽  
Attack Scenario ◽  
The Status ◽  
Advanced Knowledge

AbstractHealthcare is one of the most peculiar between all Critical Infrastructures due to its context and role in the society. The characteristics of openness and pervasive usage of IT systems and connected devices make it particularly exposed to both physical threats, such as theft and unauthorized access to restricted areas, and cyber attacks, like the notorious wannacry ransomware that abruptly disrupted the British National Health System in May 2017. Even the recent COVID-19 pandemic period has been negatively characterized by an increase of both physical and cyber incidents that specifically targeted hospitals and undermined an essential public service like healthcare. Effective security solutions are necessary in order to protect and enhance the resiliency of the Critical Infrastructures. This paper presents the work being developed in the context of the SAFECARE H2020 project, that specifically considers the requirements for security of hospitals. A particular focus is given to the asset management that consider cross-domain aspects of security, like the physical location and virtual connections that link different components of a hospital. This allows advanced knowledge that enables to infer and forewarn of possible elaborated cyber-physical kill chains. This is particularly important and useful during crisis, as allows to have a holistic overview of the status of the hospital and the potential impacts of one or more incidents to the critical assets. The description and simulation of an attack scenario is also given, together with the description of the messages exchanged by the security systems and the information made available to security operators.

scholarly journals Cyber-Attack Scoring Model Based on the Offensive Cybersecurity Framework

2021 ◽  
Vol 11 (16) ◽  
pp. 7738
Author(s):  
Kyounggon Kim ◽  
Faisal Abdulaziz Alfouzan ◽  
Huykang Kim
Keyword(s):  
Cyber Security ◽  
Personal Information ◽  
Cyber Attacks ◽  
The Internet ◽  
Critical Infrastructures ◽  
Cyber Attack ◽  
Security Framework ◽  
Scoring Model ◽  
Advanced Persistent Threats ◽  
The World

Cyber-attacks have become commonplace in the world of the Internet. The nature of cyber-attacks is gradually changing. Early cyber-attacks were usually conducted by curious personal hackers who used simple techniques to hack homepages and steal personal information. Lately, cyber attackers have started using sophisticated cyber-attack techniques that enable them to retrieve national confidential information beyond the theft of personal information or defacing websites. These sophisticated and advanced cyber-attacks can disrupt the critical infrastructures of a nation. Much research regarding cyber-attacks has been conducted; however, there has been a lack of research related to measuring cyber-attacks from the perspective of offensive cybersecurity. This motivated us to propose a methodology for quantifying cyber-attacks such that they are measurable rather than abstract. For this purpose, we identified each element of offensive cybersecurity used in cyber-attacks. We also investigated the extent to which the detailed techniques identified in the offensive cyber-security framework were used, by analyzing cyber-attacks. Based on these investigations, the complexity and intensity of cyber-attacks can be measured and quantified. We evaluated advanced persistent threats (APT) and fileless cyber-attacks that occurred between 2010 and 2020 based on the methodology we developed. Based on our research methodology, we expect that researchers will be able to measure future cyber-attacks.

Sign in / Sign up

Export Citation Format

Share Document