scholarly journals Cyber Attacks on Critical Infrastructure

2016 ◽  
pp. 448-465
Author(s):  
Ana Kovacevic ◽  
Dragana Nikolic
Keyword(s):  
Control Systems ◽  
Cyber Security ◽  
Critical Infrastructure ◽  
Cyber Attacks ◽  
Cyber Attack ◽  
Future Directions ◽  
Infrastructure Systems ◽  
Cyber Threats ◽  
Scada Systems ◽  
Insight Into

We are facing the expansion of cyber incidents, and they are becoming more severe. This results in the necessity to improve security, especially in the vulnerable field of critical infrastructure. One of the problems in the security of critical infrastructures is the level of awareness related to the effect of cyberattacks. The threat to critical infrastructure is real, so it is necessary to be aware of it and anticipate, predict, and prepare against a cyber attack. The main reason for the escalation of cyberattacks in the field of Critical Infrastructure (CI) may be that most control systems used for CI do not utilise propriety protocols and software anymore; they instead utilise standard solutions. As a result, critical infrastructure systems are more than ever before becoming vulnerable and exposed to cyber threats. It is important to get an insight into what attack types occur, as this may help direct cyber security efforts. In this chapter, the authors present vulnerabilities of SCADA systems against cyber attack, analyse and classify existing cyber attacks, and give future directions to achieve better security of SCADA systems.

Cyber Attacks on Critical Infrastructure

2015 ◽  
pp. 1-18 ◽  
Author(s):  
Ana Kovacevic ◽  
Dragana Nikolic
Keyword(s):  
Control Systems ◽  
Cyber Security ◽  
Critical Infrastructure ◽  
Cyber Attacks ◽  
Cyber Attack ◽  
Future Directions ◽  
Infrastructure Systems ◽  
Cyber Threats ◽  
Scada Systems ◽  
Insight Into

We are facing the expansion of cyber incidents, and they are becoming more severe. This results in the necessity to improve security, especially in the vulnerable field of critical infrastructure. One of the problems in the security of critical infrastructures is the level of awareness related to the effect of cyberattacks. The threat to critical infrastructure is real, so it is necessary to be aware of it and anticipate, predict, and prepare against a cyber attack. The main reason for the escalation of cyberattacks in the field of Critical Infrastructure (CI) may be that most control systems used for CI do not utilise propriety protocols and software anymore; they instead utilise standard solutions. As a result, critical infrastructure systems are more than ever before becoming vulnerable and exposed to cyber threats. It is important to get an insight into what attack types occur, as this may help direct cyber security efforts. In this chapter, the authors present vulnerabilities of SCADA systems against cyber attack, analyse and classify existing cyber attacks, and give future directions to achieve better security of SCADA systems.

scholarly journals Beyond Physical Threats: Cyber-attacks on Critical Infrastructure as a Challenge of Changing Security Environment – Overview of Cyber-security legislation and implementation in SEE Countries

2020 ◽  
Vol 3 (1) ◽  
Author(s):  
Ivana Cesarec
Keyword(s):  
European Union ◽  
Cyber Security ◽  
Critical Infrastructure ◽  
Cyber Attacks ◽  
Critical Infrastructures ◽  
Cyber Attack ◽  
Member States ◽  
Industrial Control Systems ◽  
Eu Member States ◽  
Cyber Threats

States, organizations and individuals are becoming targets of both individual and state-sponsored cyber-attacks, by those who recognize the impact of disrupting security systems and effect to people and governments. The energy sector is seen as one of the main targets of cyber-attacks against critical infrastructure, but transport, public sector services, telecommunications and critical (manufacturing) industries are also very vulnerable. One of most used example of cyber-attack is the Ukraine power grid attack in 2015 that left 230,000 people without power for up to 6 hours. Another most high profile example of a cyber-attack against critical infrastructure is the Stuxnet computer virus (first used on Iranian nuclear facility) which could be adapted to attack the SCADA systems (industrial control systems) used by many critical infrastructures in Europe.Wide range of critical infrastructure sectors are reliant on industrial control systems for monitoring processes and controlling physical devices (sensors, pumps, etc.) and for that reason, physical connected devices that support industrial processes are becoming more vulnerable. Not all critical infrastructure operators in all sectors are adequately prepared to manage protection (and raise resilience) effectively across both cyber and physical environments. Additionally there are few challenges in implementation of protection measures, such as lack of collaboration between private and public sector and low levels of awareness on existence of national key legislation.From supranational aspect, in relation to this papers topic, the European Union has took first step in defense to cyber threats in 2016 with „Directive on security of network and information systems“ (NIS Directive) by prescribing member states to adopt more rigid cyber-security standards. The aim of directive is to improve the deterrent and increase the EU’s defenses and reactions to cyber attacks by expanding the cyber security capacity, increasing collaboration at an EU level and introducing measures to prevent risk and handle cyber incidents. There are lot of other „supporting tools“ for Member States countries, such as European Union Agency for Network and Information Security – ENISA (which organize regular cyber security exercises at an EU level, including a large and comprehensive exercise every two years, raising preparedness of EU states); Network of National Coordination Centers and the European Cybersecurity Industrial, Technology and Research Competence Centre; and Coordinated response to major cyber security incidents and crises (Blueprint) with aim to ensure a rapid and coordinated response to large-scale cyber attacks by setting out suitable processes within the EU.Yet, not all Member States share the same capacities for achieving the highest level of cyber-security. They need to continuously work on enhancing the capability of defense against cyber threats as increased risk to state institutions information and communication systems but also the critical infrastructure objects. In Southeast Europe there are few additional challenges – some countries even don't have designated critical infrastructures (lower level of protection; lack of „clear vision“ of criticality) and critical infrastructures are only perceived through physical prism; non-EU countries are not obligated to follow requirements of European Union and its legislation, and there are interdependencies and transboundary cross-sector effects that needs to be taken in consideration. Critical infrastructure Protection (CIP) is the primary area of action, and for some of SEE countries (like the Republic of Croatia) the implementation of cyber security provisions just complements comprehensive activities which are focused on physical protection.This paper will analyze few segments of how SEE countries cope with new security challenges and on which level are they prepared for cyber-attacks and threats: 1. Which security mechanisms they use; 2. The existing legislation (Acts, Strategies, Plan of Action, etc.) related to cyber threats in correlation with strategic critical infrastructure protection documents. Analysis will have two perspectives: from EU member states and from non-EU member states point of view. Additionally, for EU member states it will be analyzed if there were any cyber security legislation before NIS directive that meets same aims. The aim of research is to have an overall picture of efforts in region regarding cyber-security as possibility for improvement thorough cooperation, organizational measures, etc. providing also some recommendations to reduce the gap in the level of cyber-security development with other regions of EU.

Cyber Security Assessment of NPP I&C Systems

2020 ◽  
pp. 221-238
Author(s):  
Oleksandr Klevtsov ◽  
Artem Symonov ◽  
Serhii Trubchaninov
Keyword(s):  
Control Systems ◽  
Cyber Security ◽  
Nuclear Power ◽  
Power Plants ◽  
Cyber Attacks ◽  
Security Assessment ◽  
Nuclear Facilities ◽  
Security Risks ◽  
Cyber Threats ◽  
And Control

The chapter is devoted to the issues of cyber security assessment of instrumentation and control systems (I&C systems) of nuclear power plants (NPP). The authors examined the main types of potential cyber threats at the stages of development and operation of NPP I&C systems. Examples of real incidents at various nuclear facilities caused by intentional cyber-attacks or unintentional computer errors during the maintenance of the software of NPP I&C systems are given. The approaches to vulnerabilities assessment of NPP I&C systems are described. The scope and content of the assessment and periodic reassessment of cyber security of NPP I&C systems are considered. An approach of assessment to cyber security risks is described.

scholarly journals Cyber Resilience Analysis of SCADA Systems in Nuclear Power Plants

2020 ◽  
Author(s):  
Meghan Galiardi ◽  
Amanda Gonzales ◽  
Jamie Thorpe ◽  
Eric Vugrin ◽  
Raymond Fasano ◽  
...  
Keyword(s):  
Control System ◽  
Control Systems ◽  
Cyber Security ◽  
Nuclear Power ◽  
Power Plants ◽  
Nuclear Power Plants ◽  
Cyber Attacks ◽  
Use Case ◽  
Design Features ◽  
Scada Systems

Abstract Aging plants, efficiency goals, and safety needs are driving increased digitalization in nuclear power plants (NPP). Security has always been a key design consideration for NPP architectures, but increased digitalization and the emergence of malware such as Stuxnet, CRASHOVERRIDE, and TRITON that specifically target industrial control systems have heightened concerns about the susceptibility of NPPs to cyber attacks. The cyber security community has come to realize the impossibility of guaranteeing the security of these plants with 100% certainty, so demand for including resilience in NPP architectures is increasing. Whereas cyber security design features often focus on preventing access by cyber threats and ensuring confidentiality, integrity, and availability (CIA) of control systems, cyber resilience design features complement security features by limiting damage, enabling continued operations, and facilitating a rapid recovery from the attack in the event control systems are compromised. This paper introduces the REsilience VeRification UNit (RevRun) toolset, a software platform that was prototyped to support cyber resilience analysis of NPP architectures. Researchers at Sandia National Laboratories have recently developed models of NPP control and SCADA systems using the SCEPTRE platform. SCEPTRE integrates simulation, virtual hardware, software, and actual hardware to model the operation of cyber-physical systems. RevRun can be used to extract data from SCEPTRE experiments and to process that data to produce quantitative resilience metrics of the NPP architecture modeled in SCEPTRE. This paper details how RevRun calculates these metrics in a customizable, repeatable, and automated fashion that limits the burden placed upon the analyst. This paper describes RevRun’s application and use in the context of a hypothetical attack on an NPP control system. The use case specifies the control system and a series of attacks and explores the resilience of the system to the attacks. The use case further shows how to configure RevRun to run experiments, how resilience metrics are calculated, and how the resilience metrics and RevRun tool can be used to conduct the related resilience analysis.

scholarly journals Robotechnical System for Analyzing Cyber-Security of Information Communication Systems and Networks

2018 ◽  
pp. 30-38
Author(s):  
Valeriy Moskovchenko ◽  
Mikhail Gudkov ◽  
Oleg Lauta
Keyword(s):  
Information Systems ◽  
Control Systems ◽  
Communication Networks ◽  
Cyber Security ◽  
Communication Systems ◽  
Cyber Attacks ◽  
Telecommunication Networks ◽  
Cyber Warfare ◽  
Cyber Threats ◽  
Active Attacks

The paper deals with the various aspects of cybernetic confrontation. The authors substantiate the urgency of creating a proactive protection management system and propose hardware and software solutions based on the development of a mobile robotic system. The paper describes the system designed to audit the stability of the network infrastructure to existing and prospective cyber threats, to its architecture and functionality. Cyber warfare marks a new level of armed confrontation. An urgent requirement of the time, taking into account the robotization of weapons and military equipment, is the revision of the principles of building automated control systems, information systems and communication networks from the viewpoint of ensuring cybersecurity. The co-evolution of the cybersecurity system should provide: the detection of new, previously unknown cyber threats (cyber attacks) during the monitoring (exploration) of cyberspace; the automatic selection of the parameters of the functioning of information systems and communication networks under the conditions of destructive effects without deterioration of their main characteristics (cognitive platforms for building information and telecommunication networks). Intelligence in cyberspace requires digital penetration into the network and control systems of a potential enemy and involves the use of completely new sources, forms and methods of data and information collection, development of new intelligence tools and technologies, tactical and technical techniques. Thus, the system of cyber security should be provided for the possibility of pre-emptive hardware and software effects (pre-emptive attacks) and active attacks on information systems and resources of the opposing side, as well as the ability to misinformation by the opposing side of the true properties and parameters of information systems and communication networks.

scholarly journals Enhancing Navigator Competence by Demonstrating Maritime Cyber Security

2018 ◽  
Vol 71 (5) ◽  
pp. 1025-1039 ◽  
Author(s):  
Odd Sveinung Hareide ◽  
Øyvind Jøsok ◽  
Mass Soldal Lund ◽  
Runar Ostnes ◽  
Kirsi Helkala
Keyword(s):  
Work Environment ◽  
Information And Communication Technology ◽  
Communication Technology ◽  
Cyber Security ◽  
Situational Awareness ◽  
Cyber Attacks ◽  
The Internet ◽  
Cyber Attack ◽  
Cyber Threats ◽  
Information And Communication

As technology continues to develop, information and communication technology and operational technology on board ships are increasingly being networked, and more frequently connected to the Internet. The introduction of cyber systems changes the work environment with the aim of decreasing the workload for the navigator, but at the same time introduces more complexity and vulnerabilities that in turn may alter the competencies needed to perform safe and efficient navigation. Contemporary examples of how cyber-attacks can distort situational awareness and interfere with operations are needed to enhance the navigator's competence through increased system awareness. This paper demonstrates some of the possible attack vectors that a cyber-attack can present to a ship, as well as discussing the plausibility and consequences of such attacks. In this study we provide a practical example to better understand how one can demystify cyber threats in order to enhance the navigators' competence.

scholarly journals Improving Security for SCADA Control Systems

10.28945/3185 ◽  
2008 ◽  
Author(s):  
Mariana Hentea
Keyword(s):  
Control Systems ◽  
Cyber Security ◽  
Global Economy ◽  
Critical Infrastructure ◽  
Well Being ◽  
Operating Conditions ◽  
Monitoring And Control ◽  
Business Systems ◽  
Continuous Growth ◽  
Scada Systems

The continuous growth of cyber security threats and attacks including the increasing sophistication of malware is impacting the security of critical infrastructure, industrial control systems, and Supervisory Control and Data Acquisition (SCADA) control systems. The reliable operation of modern infrastructures depends on computerized systems and SCADA systems. Since the emergence of Internet and World Wide Web technologies, these systems were integrated with business systems and became more exposed to cyber threats. There is a growing concern about the security and safety of the SCADA control systems. The Presidential Decision Directive 63 document established the framework to protect the critical infrastructure and the Presidential document of 2003, the National Strategy to Secure Cyberspace stated that securing SCADA systems is a national priority. The critical infrastructure includes telecommunication, transportation, energy, banking, finance, water supply, emergency services, government services, agriculture, and other fundamental systems and services that are critical to the security, economic prosperity, and social well-being of the public. The critical infrastructure is characterized by interdependencies (physical, cyber, geographic, and logical) and complexity (collections of interacting components). Therefore, information security management principles and processes need to be applied to SCADA systems without exception. Critical infrastructure disruptions can directly and indirectly affect other infrastructures, impact large geographic regions, and send ripples throughout the national and global economy. For example, under normal operating conditions, the electric power infrastructure requires fuels (natural gas and petroleum), transportation, water, banking and finance, telecommunication, and SCADA systems for monitoring and control.

scholarly journals Impact of Cyber Threats to Nuclear Facility

2020 ◽  
Vol 9 (6) ◽  
Author(s):  
Erasto Kayumbe ◽  
Lucy Michael
Keyword(s):  
Cyber Security ◽  
Cyber Attacks ◽  
Nuclear Materials ◽  
Main Concern ◽  
Cyber Attack ◽  
Nuclear Facility ◽  
Nuclear Facilities ◽  
Cyber Threats ◽  
Cyber Threat ◽  
Threat Mitigation

International community has been traditionally focusing on physical threats to facilities and pass by the threat of a cyber attack on a facility. All the same, due to the growing threat posed by cyber attacks; cyber security is becoming indispensable component of nuclear facilities and it is setting up itself as a main concern for facility operators and national regulators. Consequently, ensuring the security of nuclear facilities is a considerable element, which gears at avoiding theft of nuclear materials and sabotage. For that reason, this paper was set to examine impact of cyber threats to nuclear facility. Specifically, the paper has examined cyber threats, cyber threats to nuclear facility, impact of cyber threats to nuclear facility. It is concluded that cyber threat to nuclear facility is growing despite numerous effort taken to offset the problem. Thus, there is a need either to design or improve available cyber threat mitigation procedure in order to tone down the problem.

Cyber Attack Detection of I&C Systems in NPPS Based on Physical Process Data

2016 ◽  
Author(s):  
Jianghai Li ◽  
Xiaojin Huang
Keyword(s):  
Control Systems ◽  
Physical Process ◽  
Cyber Security ◽  
Attack Detection ◽  
Cyber Attacks ◽  
Information Networks ◽  
Cyber Attack ◽  
Process Data ◽  
Cyber Defense ◽  
Multiple Variables

The cyber security problem is posing new challenges to the current safety analysis of nuclear power plants. Historically, analogue control systems in the absence of interactive communications are immune to cyber-attacks; however, digital control systems with extensive interconnection of reprogrammable components are intensely vulnerable to cyber-attacks which shed light on the significance and urgency of the cyber security. The current cyber security approaches, which merely focus on information networks, have not given multi-faceted considerations to instrumentation and control (I&C) systems. The cyber-attack on I&C systems may lead to more severe consequences, including the abnormal change of parameters, the malfunction of equipment, and even the accident condition. The existing cyber security approaches for information networks, such as firewalls, encryption, can enhance the cyber security of I&C systems, but are often insufficient in addressing challenges associate with the I&C systems which link cyber space and physical systems. The defense approach based on physical information should be developed to meet the emerging challenges. In this paper, we propose the cyber-physical security (CPS) approach based on the physical process data for the cyber defense. This approach does not intend to replace current cyber defense mechanisms. It could be served as the last barrier for security defense. The goal of the CPS defense approach is to detect attacks at the beginning of the occurrence of physical process anomalies cause by cyber-attacks. A practical implementation of the CPS approach is proposed and its influence on the existing infrastructure is discussed. The statistical analysis techniques are utilized on physical process data for attack detection. The method of dynamic principal component analysis (dynamic PCA) is employed to characterize the correlation of multiple variables in the normal operational condition. In the abnormal operational occurrence, the chi-square detector is able to distinguish adversarial cyber-attacks from ordinary random failures.

The invisible hole of information on SMB's cybersecurity

2019 ◽  
Vol 7 (1) ◽  
pp. 14-26
Author(s):  
Ruti Gafni ◽  
Tal Pavel
Keyword(s):  
Mass Communication ◽  
Cyber Attacks ◽  
Communication Media ◽  
Specific Information ◽  
Exploratory Research ◽  
Cyber Attack ◽  
Public Attention ◽  
Cyber Threats ◽  
Accessible Information ◽  
Types Of Information

Small and Medium Businesses (SMB) use Internet and computer-based tools in their daily processes, sometimes without being aware to the cyber threats, or without knowing how to be prepared in case of a cyber-attack, although they are a major target for cyber-attacks. Specific information about cybersecurity needed by SMBs, in order to cope with cyber threats, is not always available or easily accessible. In this study, a vast search of different types of information about SMBs’ cybersecurity was performed, in order to find whether a hole of accessible information exists in this area. This exploratory research covered general mass communication media channels, technological and professional cybersecurity websites, and academic journals, and found that indeed very few studies, articles and news items were published in this matter. Leveraging knowledge and awareness, diminishing the shame for reporting cyber-attacks, and increasing mass communication media interest and public attention, may be activities to cover this “invisible hole”.

Sign in / Sign up

Export Citation Format

Share Document