scholarly journals Beyond Physical Threats: Cyber-attacks on Critical Infrastructure as a Challenge of Changing Security Environment – Overview of Cyber-security legislation and implementation in SEE Countries

2020 ◽  
Vol 3 (1) ◽  
Author(s):  
Ivana Cesarec
Keyword(s):  
European Union ◽  
Cyber Security ◽  
Critical Infrastructure ◽  
Cyber Attacks ◽  
Critical Infrastructures ◽  
Cyber Attack ◽  
Member States ◽  
Industrial Control Systems ◽  
Eu Member States ◽  
Cyber Threats

States, organizations and individuals are becoming targets of both individual and state-sponsored cyber-attacks, by those who recognize the impact of disrupting security systems and effect to people and governments. The energy sector is seen as one of the main targets of cyber-attacks against critical infrastructure, but transport, public sector services, telecommunications and critical (manufacturing) industries are also very vulnerable. One of most used example of cyber-attack is the Ukraine power grid attack in 2015 that left 230,000 people without power for up to 6 hours. Another most high profile example of a cyber-attack against critical infrastructure is the Stuxnet computer virus (first used on Iranian nuclear facility) which could be adapted to attack the SCADA systems (industrial control systems) used by many critical infrastructures in Europe.Wide range of critical infrastructure sectors are reliant on industrial control systems for monitoring processes and controlling physical devices (sensors, pumps, etc.) and for that reason, physical connected devices that support industrial processes are becoming more vulnerable. Not all critical infrastructure operators in all sectors are adequately prepared to manage protection (and raise resilience) effectively across both cyber and physical environments. Additionally there are few challenges in implementation of protection measures, such as lack of collaboration between private and public sector and low levels of awareness on existence of national key legislation.From supranational aspect, in relation to this papers topic, the European Union has took first step in defense to cyber threats in 2016 with „Directive on security of network and information systems“ (NIS Directive) by prescribing member states to adopt more rigid cyber-security standards. The aim of directive is to improve the deterrent and increase the EU’s defenses and reactions to cyber attacks by expanding the cyber security capacity, increasing collaboration at an EU level and introducing measures to prevent risk and handle cyber incidents. There are lot of other „supporting tools“ for Member States countries, such as European Union Agency for Network and Information Security – ENISA (which organize regular cyber security exercises at an EU level, including a large and comprehensive exercise every two years, raising preparedness of EU states); Network of National Coordination Centers and the European Cybersecurity Industrial, Technology and Research Competence Centre; and Coordinated response to major cyber security incidents and crises (Blueprint) with aim to ensure a rapid and coordinated response to large-scale cyber attacks by setting out suitable processes within the EU.Yet, not all Member States share the same capacities for achieving the highest level of cyber-security. They need to continuously work on enhancing the capability of defense against cyber threats as increased risk to state institutions information and communication systems but also the critical infrastructure objects. In Southeast Europe there are few additional challenges – some countries even don't have designated critical infrastructures (lower level of protection; lack of „clear vision“ of criticality) and critical infrastructures are only perceived through physical prism; non-EU countries are not obligated to follow requirements of European Union and its legislation, and there are interdependencies and transboundary cross-sector effects that needs to be taken in consideration. Critical infrastructure Protection (CIP) is the primary area of action, and for some of SEE countries (like the Republic of Croatia) the implementation of cyber security provisions just complements comprehensive activities which are focused on physical protection.This paper will analyze few segments of how SEE countries cope with new security challenges and on which level are they prepared for cyber-attacks and threats: 1. Which security mechanisms they use; 2. The existing legislation (Acts, Strategies, Plan of Action, etc.) related to cyber threats in correlation with strategic critical infrastructure protection documents. Analysis will have two perspectives: from EU member states and from non-EU member states point of view. Additionally, for EU member states it will be analyzed if there were any cyber security legislation before NIS directive that meets same aims. The aim of research is to have an overall picture of efforts in region regarding cyber-security as possibility for improvement thorough cooperation, organizational measures, etc. providing also some recommendations to reduce the gap in the level of cyber-security development with other regions of EU.

scholarly journals Cyber Attacks on Critical Infrastructure

2016 ◽  
pp. 448-465
Author(s):  
Ana Kovacevic ◽  
Dragana Nikolic
Keyword(s):  
Control Systems ◽  
Cyber Security ◽  
Critical Infrastructure ◽  
Cyber Attacks ◽  
Cyber Attack ◽  
Future Directions ◽  
Infrastructure Systems ◽  
Cyber Threats ◽  
Scada Systems ◽  
Insight Into

We are facing the expansion of cyber incidents, and they are becoming more severe. This results in the necessity to improve security, especially in the vulnerable field of critical infrastructure. One of the problems in the security of critical infrastructures is the level of awareness related to the effect of cyberattacks. The threat to critical infrastructure is real, so it is necessary to be aware of it and anticipate, predict, and prepare against a cyber attack. The main reason for the escalation of cyberattacks in the field of Critical Infrastructure (CI) may be that most control systems used for CI do not utilise propriety protocols and software anymore; they instead utilise standard solutions. As a result, critical infrastructure systems are more than ever before becoming vulnerable and exposed to cyber threats. It is important to get an insight into what attack types occur, as this may help direct cyber security efforts. In this chapter, the authors present vulnerabilities of SCADA systems against cyber attack, analyse and classify existing cyber attacks, and give future directions to achieve better security of SCADA systems.

Cyber Attacks on Critical Infrastructure

2015 ◽  
pp. 1-18 ◽  
Author(s):  
Ana Kovacevic ◽  
Dragana Nikolic
Keyword(s):  
Control Systems ◽  
Cyber Security ◽  
Critical Infrastructure ◽  
Cyber Attacks ◽  
Cyber Attack ◽  
Future Directions ◽  
Infrastructure Systems ◽  
Cyber Threats ◽  
Scada Systems ◽  
Insight Into

We are facing the expansion of cyber incidents, and they are becoming more severe. This results in the necessity to improve security, especially in the vulnerable field of critical infrastructure. One of the problems in the security of critical infrastructures is the level of awareness related to the effect of cyberattacks. The threat to critical infrastructure is real, so it is necessary to be aware of it and anticipate, predict, and prepare against a cyber attack. The main reason for the escalation of cyberattacks in the field of Critical Infrastructure (CI) may be that most control systems used for CI do not utilise propriety protocols and software anymore; they instead utilise standard solutions. As a result, critical infrastructure systems are more than ever before becoming vulnerable and exposed to cyber threats. It is important to get an insight into what attack types occur, as this may help direct cyber security efforts. In this chapter, the authors present vulnerabilities of SCADA systems against cyber attack, analyse and classify existing cyber attacks, and give future directions to achieve better security of SCADA systems.

scholarly journals A review: towards practical attack taxonomy for industrial control systems

2018 ◽  
Vol 7 (2.14) ◽  
pp. 145 ◽  
Author(s):  
Qais Saif Qassim ◽  
Norziana Jamil ◽  
Razali Jidin ◽  
Mohd Ezanee Rusli ◽  
Md Nabil Ahmad Zawawi ◽  
...  
Keyword(s):  
Control Systems ◽  
Supervisory Control ◽  
Cyber Attacks ◽  
Critical Infrastructures ◽  
Cyber Attack ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Scada System ◽  
Water Transportation ◽  
Different Types

Supervisory Control and Data Acquisition (SCADA) system is the underlying control system of most national critical infrastructures such as power, energy, water, transportation and telecommunication. In order to understand the potential threats to these infrastructures and the mechanisms to protect them, different types of cyber-attacks applicable to these infrastructures need to be identified. Therefore, there is a significant need to have a comprehensive understanding of various types of cyber-attacks and its classification associated with both Opera-tion Technology (OT) and Information Technology (IT). This paper presents a comprehensive review of existing cyber-attack taxonomies available in the literature and evaluates these taxonomies based on defined criteria.  

Economic Impact of Cyber Attacks on Critical Infrastructures

2019 ◽  
pp. 291-314
Author(s):  
Merve Şener
Keyword(s):  
Economic Impact ◽  
Critical Infrastructure ◽  
Cyber Attacks ◽  
Economic Losses ◽  
Critical Infrastructures ◽  
Cyber Attack ◽  
Network Systems ◽  
Financial Losses

Critical infrastructures ensure that activities that are vital and important for individuals can be safely delivered to the society uninterruptedly. The damage on these critical infrastructures caused by cyber-attacks whose control is carried out through computers and network systems is very large. Cyber-attacks directly or indirectly affect companies, institutions, and organizations economically and cause great financial losses. In this chapter, two different categories, energy and finance sector, which are described as critical infrastructure, are discussed; cyber-attacks carried out on these sectors, cyber-attack weapons, and economic losses caused by these attacks are examined.

scholarly journals Cyber-Attack Scoring Model Based on the Offensive Cybersecurity Framework

2021 ◽  
Vol 11 (16) ◽  
pp. 7738
Author(s):  
Kyounggon Kim ◽  
Faisal Abdulaziz Alfouzan ◽  
Huykang Kim
Keyword(s):  
Cyber Security ◽  
Personal Information ◽  
Cyber Attacks ◽  
The Internet ◽  
Critical Infrastructures ◽  
Cyber Attack ◽  
Security Framework ◽  
Scoring Model ◽  
Advanced Persistent Threats ◽  
The World

Cyber-attacks have become commonplace in the world of the Internet. The nature of cyber-attacks is gradually changing. Early cyber-attacks were usually conducted by curious personal hackers who used simple techniques to hack homepages and steal personal information. Lately, cyber attackers have started using sophisticated cyber-attack techniques that enable them to retrieve national confidential information beyond the theft of personal information or defacing websites. These sophisticated and advanced cyber-attacks can disrupt the critical infrastructures of a nation. Much research regarding cyber-attacks has been conducted; however, there has been a lack of research related to measuring cyber-attacks from the perspective of offensive cybersecurity. This motivated us to propose a methodology for quantifying cyber-attacks such that they are measurable rather than abstract. For this purpose, we identified each element of offensive cybersecurity used in cyber-attacks. We also investigated the extent to which the detailed techniques identified in the offensive cyber-security framework were used, by analyzing cyber-attacks. Based on these investigations, the complexity and intensity of cyber-attacks can be measured and quantified. We evaluated advanced persistent threats (APT) and fileless cyber-attacks that occurred between 2010 and 2020 based on the methodology we developed. Based on our research methodology, we expect that researchers will be able to measure future cyber-attacks.

An Analysis of the Legal Systems and Mechanisms Introduced in the European Union in the Fight Against Cyberspace Threats

2016 ◽  
Vol 8 (2) ◽  
pp. 0-0
Author(s):  
Anna Kańciak
Keyword(s):  
European Union ◽  
Cyber Security ◽  
Critical Infrastructure ◽  
Economic Security ◽  
The European Union ◽  
Preventive Action ◽  
Member States ◽  
Strategic Objective ◽  
Illegal Activities ◽  
High Level

The ability to conduct attacks in cyberspace from any location in the world, together with a high level of anonymity for the perpetrator, underlines the global nature of this issue. Consequently, threats within cyberspace have become one of the most serious challenges for the national and economic security of countries. The immaterial character of cyberspace and the threats emerging from within its framework transcend borders in respect of both the subject and territorial dimension. The illegal activities conducted in cyberspace are also connected with the low, and constantly decreasing, costs of initiating and conducting attacks along with the relatively high possibility of by the attacking entity remaining anonymous.3 Cyber-security strategies are the response of the European Union and its Member States to the emerging threats. Developing national strategies is a relatively new trend. In such documents Member States present their national perspective in respect of cyberspace protection as well as the rules of conduct, perception of the threat, risk assessment and a strategic objective complemented by other specific objectives. These documents help national decision-makers with policy making in terms of cyberspace protection and the allocation of the resources essential for its development. Apart from cyberspace, strategies designate crucial areas of the state’s functioning as principal area of the protection that require special preventive action, i.e. critical infrastructure, economic development, national security, social development and a sense of security as a component within information-communications technologies applications.

Cyber Diplomacy

2021 ◽  
Vol 10 (2) ◽  
pp. 37-50
Author(s):  
Andreea DRAGOMIR
Keyword(s):  
European Union ◽  
Cyber Security ◽  
Main Idea ◽  
Cyber Attacks ◽  
The European Union ◽  
Security Strategy ◽  
Cyber Defense ◽  
Member States ◽  
Cross Border ◽  
The Cross

The article aims to highlight issues related to the risks to both the European Union and the Member States, but at the same time seeks to highlight current legislative and political approaches applicable in cyberspace. This set of tools used in cyber diplomacy includes the concepts of cooperation and diplomatic dialogue (common cyber network of EU states, common cyber defense unit) but also measures to prevent cyber-attacks (European Union Cyber Security Strategy), as well as sanctions. Throughout this presentation, the main idea is supported by the cross-border nature of cyberspace.

scholarly journals Enhancing Navigator Competence by Demonstrating Maritime Cyber Security

2018 ◽  
Vol 71 (5) ◽  
pp. 1025-1039 ◽  
Author(s):  
Odd Sveinung Hareide ◽  
Øyvind Jøsok ◽  
Mass Soldal Lund ◽  
Runar Ostnes ◽  
Kirsi Helkala
Keyword(s):  
Work Environment ◽  
Information And Communication Technology ◽  
Communication Technology ◽  
Cyber Security ◽  
Situational Awareness ◽  
Cyber Attacks ◽  
The Internet ◽  
Cyber Attack ◽  
Cyber Threats ◽  
Information And Communication

As technology continues to develop, information and communication technology and operational technology on board ships are increasingly being networked, and more frequently connected to the Internet. The introduction of cyber systems changes the work environment with the aim of decreasing the workload for the navigator, but at the same time introduces more complexity and vulnerabilities that in turn may alter the competencies needed to perform safe and efficient navigation. Contemporary examples of how cyber-attacks can distort situational awareness and interfere with operations are needed to enhance the navigator's competence through increased system awareness. This paper demonstrates some of the possible attack vectors that a cyber-attack can present to a ship, as well as discussing the plausibility and consequences of such attacks. In this study we provide a practical example to better understand how one can demystify cyber threats in order to enhance the navigators' competence.

scholarly journals CYBER-SECURITY IN THE NEW ERA OF INTEGRATED OPERATIONAL – INFORMATIONAL TECHNOLOGY SYSTEMS

2021 ◽  
Vol 11 (1) ◽  
pp. 68-79
Author(s):  
Vlad Daniel Savin ◽  
Keyword(s):  
Information Technology ◽  
Cyber Security ◽  
Power Plants ◽  
New Technologies ◽  
Critical Infrastructure ◽  
Cyber Attacks ◽  
Critical Infrastructures ◽  
Digital Revolution ◽  
The Right ◽  
Technology Systems

Digital Revolution has forced previously isolated networks of critical infrastructures to become more digitally integrated. Recent cyber-attacks, including Stuxnet and Wiper, have exposed a new set of cybersecurity vulnerabilities in this field. This new environment has forced previously isolated networks of critical infrastructures like utilities or power plants to become more digitally integrated. This paper offers a view into the most efficient current defense solutions. It also offers a glimpse into the need for the further development of new protection mechanisms developed on the emerging new technologies. The risks posed by the integration of Information Technology solutions with Operational Technology systems have been a key topic also at the latest World Economic Forum conference, where cyber-attacks of critical infrastructures were discussed in the context of the most significant risks for the upcoming decade. The findings of this paper are applicable to other industries. The paper aims to highlight that by initially understanding the vulnerabilities of the IT components and by taking the right cybersecurity preventive measures, critical infrastructure can be protected against these kinds of threats. The research framework behind this paper was directed towards analysing the cyber risks associated with the convergence between the Information Technology solutions with the Operational Technology systems of critical infrastructure.

scholarly journals powerLang: a probabilistic attack simulation language for the power domain

2020 ◽  
Vol 3 (1) ◽  
Author(s):  
Simon Hacks ◽  
Sotirios Katsikeas ◽  
Engla Ling ◽  
Robert Lagerström ◽  
Mathias Ekstedt
Keyword(s):  
Cyber Security ◽  
Cyber Attacks ◽  
Security Assessment ◽  
Cyber Attack ◽  
Industrial Control ◽  
Attack Graphs ◽  
Industrial Control Systems ◽  
Domain Specific ◽  
Simulation Language ◽  
Power Domain

AbstractCyber-attacks these threats, the cyber security assessment of IT and OT infrastructures can foster a higher degree of safety and resilience against cyber-attacks. Therefore, the use of attack simulations based on system architecture models is proposed. To reduce the effort of creating new attack graphs for each system under assessment, domain-specific languages (DSLs) can be employed. DSLs codify the common attack logics of the considered domain.Previously, MAL (the Meta Attack Language) was proposed, which serves as a framework to develop DSLs and generate attack graphs for modeled infrastructures. In this article, powerLang as a MAL-based DSL for modeling IT and OT infrastructures in the power domain is proposed. Further, it allows analyzing weaknesses related to known attacks. To comprise powerLang, two existing MAL-based DSL are combined with a new language focusing on industrial control systems (ICS). Finally, this first version of the language was validated against a known cyber-attack.

Sign in / Sign up

Export Citation Format

Share Document