XV EURO-ASIAN ECONOMIC SUMMIT EU Power Grid - Increasing the Safety level of CIP ISTANBUL – 10-12.4.2012
Study case: The European Power Grid
CYBERTERRORIST THREATS TO POWER GRID
• Threats to critical infrastructure
• Threats to Networked Control Systems
• Direct-Action Threats to Power Grid
• Threats to Trustworthy Cyber-Infrastructure for Power (TCIP)
EXAMPLES OF CRITICAL INFRASTRUCTURE
TARGETED BY CYBER TERRORISM
•Electricity, Gas & Oil Grids
•Nuclear Reactors
•Finance & Banking
•Passengers Transportation
•Human & Agricultural Health
•ICT Systems & Infrastructure
•Cities & Major Civil Works
INTERDEPENDENCY OF SYSTEMS
DEPENDENCY ON NETWORK-BASED SYSTEMS
• Dependency on network-based systems is pervasive
across all sectors. Critical components of our
national infrastructure rely on a variety of network-
based systems.
• Each critical sector surveyed identified dependency
on one or two sectors.
• The answer to the question “Are we ranking our
critical infrastructures as to their vulnerability to
cyber attacks?” is multi-faceted. The degree that any
sector is vulnerable is dependent upon a number of
characteristics: type of attack, scope of impact, time
of attack, duration of outage.
Impact Assessment
EARLY ATTACKS ON THE INTERNET
Power Grid Management
What Should We Protect:
The equation:
– Summed over millions of Customers
– Entity types that comprise the Electricity
Systems : Generation, Transmission, Load
Serving Entities, Purchasing-Selling Entities,
Reliability Coordinators, Control Areas, State
National and Regional Carriers, Independent
System Operators, Regulators.
– Split into three levels of interconnection:
• European
• National
• Regional
Electrical Grid of Europe
A nation’s electrical infrastructure comprises integrally linked
generation, distribution, and transmission subsystems.
The European Commission’s Directorate-General
for Energy manages work in this area:
• Sets reliability standards.
• Ensures compliance with reliability standards.
• Provides education and training resources.
• Conducts assessments, analyses, and reports.
• Facilitates information exchange and coordination
among members and industry organizations.
• Supports reliable system operation and planning.
• Certifies reliability service organizations and personnel.
• Coordinates CIP of the bulk electric system
• Administers procedures for conflict resolution on
reliability issues.
DEFINING CYBER TERRORISM
• Cyber Terrorism is the convergence of Cyberspace and
Terrorism. It refers to unlawful attacks and threats of
attacks against computers, networks and the information
stored therein when done to intimidate or coerce a
government or its people in furtherance of political or
social objectives.
• Serious attacks against critical infrastructures could be
acts of Cyber Terrorism, depending on their impact.
Attacks that disrupt nonessential services or that are
mainly a costly nuisance would not.
• Cyber Terrorism refers to premeditated, politically
motivated attacks by sub-national groups or clandestine
agents against information, computer systems, computer
programs, and data that result in violence against non-
combatant targets.
Cyber Terrorism Threats
The four most common sources of threats:
1. Nation-States (launch of major cyber
attacks against one another already done
during the last decade)
2. Terrorists (groups seeking to expand their
capability in this area)
3. Terrorist sympathizers (the most likely
group to launch a cyber attack)
4. Thrill Seekers (a minor threat because they
are driven by a desire to show off their skills
rather than a desire to destroy)
PHILOSOPHY OF CYBER TERRORISM (I)
• The Cyber Space is a place where the bad guys
have always been one step ahead of the good
guys.
• Cyber Extremism is a reliable indicator of social
problems and geopolitical tensions, shedding light
on the root causes of terrorism and insurgency.
• Every extremist thinks that Cyber Security is a
joke, and every cyber terrorist sees it as a
weakness.
• Cyber Defense is only as strong as the weakest
link.
PHILOSOPHY OF CYBER TERRORISM (II)
• Cyber terrorists have at least three goals in mind:
(1) Information Theft - stealing data from a targeted
personal device, system or network is not only the most
common threat, but one which makes Cyber Terrorism
attractive and profitable
(2) Information Disruption - defacement for the purpose of
sabotage or vandalism, rendering critical operating
systems incapable of performing their essential functions
(3) Information Denial - destruction via floods of
automated hits, capable of bringing down whole countries
if the economic, news media, Internet and
telecommunications structures are disabled
CASE STUDY (I) : A HYPOTHETICAL CYBER TERRORIST ATTACK
• The typical Cyber Terrorist attack would involve bringing down
a country's energy & information infrastructure. They would use
a distributed denial of service attack. Doing so would be the
equivalent of launching millions of infobombs (e-Bombing) at a
target, all while maintaining total deniability. The initial stages
of the attack would only last a few hours, but there would be
lingering effects lasting days or weeks. It would look something
like this:
• Flag 1 is the Attacker - Republic Armada - a hypothetical country from the Far East,
• Flag 2 is the Bot Herder (explained in the next slide),
• Flag 3 is the Zombie (placed in Central America),
• Flag 4 is the Target (the U.S. in this case).
CASE STUDY (II) : SCENARIO - ATTACKER
1. (ATTACKER) In this scenario, tension over proposed US
legislation to raise tariffs on ARMADA imports triggers a
crisis. Armada Gov’t orders a limited attack on the
computer systems of US Congress members and energy
corporations that support the bill. Armada security officials
hire criminal bot herders to launch the denial of service
attacks. Payments are routed via anonymous services like
PayPal (often using branches based in Latin America).
Target IP addresses and email accounts (harvested in earlier
operations) are distributed through private chat rooms used
by criminal hackers. Once the attack is under way, a media
and diplomatic campaign will portray the attackers as
Cyber Vigilantes operating on their own.
CASE STUDY (III) : SCENARIO – BOT HERDER
2. (BOT HERDER) Freelance computer hackers function as
the project managers for the DDoS attack. Typically, a
hacker or a syndicate of hackers controls one or more giant
botnets, worldwide networks that can include 100,000
computers. Each machine has been surreptitiously infected
by the bot herder with a bot, a remotely controlled piece of
malicious software. Herders usually make their living by
renting these networks out for commercial spam, phishing
fraud, and denial-of-service extortion. On the bot herder's
signal, his network of bots can launch millions of packets of
information toward a single target, overwhelming its defenses
and either crashing it or driving its owners to shut it down as
a defensive precaution.
CASE STUDY (IV) : SCENARIO - ZOMBIE
3. (ZOMBIE) Once an ordinary computer is infected by a
bot, it becomes one of the unwitting drones that make up
a global botnet – a Zombie. When Zombies receive a
signal from the bot herder, the bot takes control of its
host and sends out multiple packets of information -
usually spam - to designated targets. Thanks to the
distributed nature of these networks, attacks appear to be
coming from random personal computers located all over
the world. In this scenario, many will even be from within
the US. And if you're wondering if your PC is infected,
detection isn't easy. Fortunately, new versions of home
security software, like Norton AntiBot, are targeting this
new strain of malware. But bots keep mutating, so the
CASE STUDY (V) : SCENARIO - TARGET
4. (TARGET) A full-scale DDoS attack meant as
an act of war might target military and Gov’t
servers, power grids, civilian email, banks &
Telco’s. But in this more likely scenario, the
targets are Web sites and email systems of
Congress members and energy corporations that
support higher trade barriers. These groups
blame the Armada government, but can't prove
it. Nevertheless, targets will be effectively shut
down while they undergo security upgrades and
damage assessment, inhibiting their ability to
work on behalf of the legislation.
CASE STUDY (VI) : DIFFERENT SCENARIOS
Three likely scenarios of what's going to happen
because of all the Internet mischief in cyberspace:
• Scenario #1 : Malicious activity in cyberspace
becomes so pervasive that a crisis of confidence
develops, and governments and corporations
scramble to exert greater control, but
eventually give up, resorting to behind-the-
scenes work in "walled gardens," allowing the
rest of the world to degrade and decay
economically and socially with an egregiously
offensive (and criminal) Internet.
CASE STUDY (VII) : DIFFERENT SCENARIOS
• Scenario #2 - A set of nation-states go to cyber war
against one another, followed by dissenters and
protesters who turn to disruptive attacks, and as the
world becomes accustomed to nonkinetic modes of mass
disruption, terrorists or insurgents jump on the
bandwagon, launching a new form of long-term, cyber-
guerrilla warfare.
• Scenario #3 - Technological breakthroughs occur which
allow the transmission of digital information via
electromagnetic pulses or some other form of directed
energy, and terrorists exploit this new technology to
launch pinpoint, assassination-like strikes against
specific targets like the national electricity grids.
COUNTER – CYBER TERRORISM
The two most important things for countering
Cyber-Terrorism:
(1) Attribution - WHO IS BEHIND IT;
(2) Characterization - HOW DID THEY DO IT.
• The hackers, like terrorists, tend to work in
asymmetric, non-hierarchical formation, which
means that they do not have organizations like
linear gangs and so forth, but instead rough and
temporary alliances = NETWAR
NETWAR : information-related conflict at a
grand level between nations or societies. It means
trying to disrupt or damage what a target
population knows or thinks it knows about itself
and the world around it. A netwar may focus on
public or elite opinion, or both. It may involve
diplomacy, propaganda and psychological
campaigns, political and cultural subversion,
deception of or interference with local media,
infiltration of computer networks and databases,
and efforts to promote dissident or opposition
movements across computer networks
MEMBERSHIP ROLES OF HACKING / TERRORIST NETWORKS
Hacking networks | Terrorist networks
Organizers -- core members who steer group | Leadership -- charismatics who lead group
Insulators -- members who protect the core | Bodyguards -- members who protect leaders
Communicators -- pass on directives | Seconds in command -- pass on orders
Guardians -- security enforcers | Intelligence -- and counter-intelligence agents
Extenders -- recruiters of new members | Financiers -- fund raisers & money launderers
Monitors -- advisors about group weaknesses | Logistics -- keepers of safe houses
Members -- those who do the hacking | Operations -- those who commit the terror
Crossovers -- people with regular jobs | Sleepers -- members living under deep cover
COUNTER – CYBER TERRORISM METHODS (I)
A national security response to a Cyber Attack would
consist of one or both of the following elements:
• "TRACK-BACK" - where officials quickly trace an
attacker through the Internet nodes transited by obtaining the
transactional data from each node. Such action may require the
cooperation of Internet Service Providers or a legal means of
compelling subscriber information from such providers. If the
computer intrusion is disrupting a real-time military
deployment or combat operation, or presents an imminent and
serious threat to public health and safety, or is producing
extensive property damage or paralyzing financial institutions,
there is a need for urgent action in the form of utilizing
constitutional exemptions to search & seizure law, such as the
“Exigent Circumstances” exemption or the “Hot Pursuit”
COUNTER - CYBER TERRORISM METHODS (II)
"SHOOT-BACK" - once the computer equipment is
located (meeting the disruption and/or threat
requirements above), it may be possible to damage and
destroy it by electronic means or traditional military
means. Electronic means (such as discharging an
electromagnetic pulse toward the equipment) would
probably have to meet just war standards regarding
proportionality and discrimination, ensuring no
unintentional or collateral damage to nearby
noncombatants. Traditional military means would
involve a raid by special forces or a cruise missile
through the window.
Power Grid Management
Power Systems Applications Overview
MARIUS – EUGEN OPRAN
MEMBER EESC - CCMI
MANY THANKS TO:
- Dr. CARL A. GUNTER
UNIVERSITY OF ILLINOIS
- Dr. CHARLES HOOKHAM
VP, HDR ENGINEERING

 

More from MARIUS EUGEN OPRAN (20)

ICT4SD BROCHURE
ICT4SD BROCHUREICT4SD BROCHURE
ICT4SD BROCHURE
 
ICT4SD BROCHURE
ICT4SD BROCHUREICT4SD BROCHURE
ICT4SD BROCHURE
 
A NEW STRATEGY FOR A STRONGER AND MORE COMPETITIVE EUROPEAN DEFENCE INDUSTRY
A NEW STRATEGY FOR A STRONGER AND MORE COMPETITIVE EUROPEAN DEFENCE INDUSTRYA NEW STRATEGY FOR A STRONGER AND MORE COMPETITIVE EUROPEAN DEFENCE INDUSTRY
A NEW STRATEGY FOR A STRONGER AND MORE COMPETITIVE EUROPEAN DEFENCE INDUSTRY
 
ICT4SD BROCHURE
ICT4SD BROCHUREICT4SD BROCHURE
ICT4SD BROCHURE
 
THE DIGITAL AGENDA - A PERSONAL VIEW PREPARED UNDER THE PERSONAL REQUEST OF D...
THE DIGITAL AGENDA - A PERSONAL VIEW PREPARED UNDER THE PERSONAL REQUEST OF D...THE DIGITAL AGENDA - A PERSONAL VIEW PREPARED UNDER THE PERSONAL REQUEST OF D...
THE DIGITAL AGENDA - A PERSONAL VIEW PREPARED UNDER THE PERSONAL REQUEST OF D...
 
BROCHURE-READY FOR PRINT
BROCHURE-READY FOR PRINTBROCHURE-READY FOR PRINT
BROCHURE-READY FOR PRINT
 
DEFENCE STRATEGY-READY FOR PRINT
DEFENCE STRATEGY-READY FOR PRINTDEFENCE STRATEGY-READY FOR PRINT
DEFENCE STRATEGY-READY FOR PRINT
 
SCRISOARE DESCHISA
SCRISOARE DESCHISASCRISOARE DESCHISA
SCRISOARE DESCHISA
 
RAZBOIUL METEO_published
RAZBOIUL METEO_publishedRAZBOIUL METEO_published
RAZBOIUL METEO_published
 
Comunicații mobile prin satelit pentru aplicații SCADA
Comunicații mobile prin satelit pentru aplicații SCADAComunicații mobile prin satelit pentru aplicații SCADA
Comunicații mobile prin satelit pentru aplicații SCADA
 
TURKEY-THE STRATEGIC ENERGY CONNECTOR OK
TURKEY-THE STRATEGIC ENERGY CONNECTOR OKTURKEY-THE STRATEGIC ENERGY CONNECTOR OK
TURKEY-THE STRATEGIC ENERGY CONNECTOR OK
 
14.06.01_LEOPARD_Viena_2014_ok
14.06.01_LEOPARD_Viena_2014_ok14.06.01_LEOPARD_Viena_2014_ok
14.06.01_LEOPARD_Viena_2014_ok
 
STRATEGY DEF IND OK
STRATEGY DEF IND OKSTRATEGY DEF IND OK
STRATEGY DEF IND OK
 
2. Cyber Intelligence in online gambling final
2. Cyber Intelligence in online gambling final2. Cyber Intelligence in online gambling final
2. Cyber Intelligence in online gambling final
 
Lisbon pp 7.ix
Lisbon pp 7.ixLisbon pp 7.ix
Lisbon pp 7.ix
 
BORDER-FEASIBILITY-IDEX 2009_Excerpt 4 slidesfrom 24
BORDER-FEASIBILITY-IDEX 2009_Excerpt 4 slidesfrom 24BORDER-FEASIBILITY-IDEX 2009_Excerpt 4 slidesfrom 24
BORDER-FEASIBILITY-IDEX 2009_Excerpt 4 slidesfrom 24
 
SPACE DEBRIS PALAT PARLAM no authors
SPACE DEBRIS PALAT PARLAM no authorsSPACE DEBRIS PALAT PARLAM no authors
SPACE DEBRIS PALAT PARLAM no authors
 
2010.08.03 Raport catre Robert Madelin ref. Digital Agenda draft
2010.08.03 Raport catre Robert Madelin ref. Digital Agenda draft2010.08.03 Raport catre Robert Madelin ref. Digital Agenda draft
2010.08.03 Raport catre Robert Madelin ref. Digital Agenda draft
 
LNG vs CNG_2010_Istanbul OK
LNG vs CNG_2010_Istanbul OKLNG vs CNG_2010_Istanbul OK
LNG vs CNG_2010_Istanbul OK
 
15.05.19_CLARA_EN_OK
15.05.19_CLARA_EN_OK15.05.19_CLARA_EN_OK
15.05.19_CLARA_EN_OK
 

Cyberterrorism Threats to Critical Infrastructure

  • 1. XV EURO-ASIAN ECONOMIC SUMMIT EU Power Grid - Increasing the Safety level of CIP ISTANBUL – 10-12.4.2012 Study case: The European Power Grid
  • 2. CYBERTERRORIST THREATS TO POWER GRID
      • Threats to critical infrastructure
      • Threats to Networked Control Systems
      • Direct-Action Threats to Power Grid
      • Threats to Trustworthy Cyber-Infrastructure for Power (TCIP)
  • 3. EXAMPLES OF CRITICAL INFRASTRUCTURE TARGETED BY CYBER TERRORISM
      • Electricity, Gas & Oil Grids
      • Nuclear Reactors
      • Finance & Banking
      • Passenger Transportation
      • Human & Agricultural Health
      • ICT Systems & Infrastructure
      • Cities & Major Civil Works
  • 4. INTERDEPENDENCY OF SYSTEMS
  • 5. DEPENDENCY ON NETWORK-BASED SYSTEMS
      • Dependency on network-based systems is pervasive across all sectors. Critical components of our national infrastructure rely on a variety of network-based systems.
      • Each critical sector surveyed identified dependency on one or two sectors.
      • The answer to the question “Are we ranking our critical infrastructures as to their vulnerability to cyber attacks?” is multi-faceted. The degree to which any sector is vulnerable depends on a number of characteristics: type of attack, scope of impact, time of attack, duration of outage.
  • 6. Impact Assessment
  • 7. EARLY ATTACKS ON THE INTERNET
  • 9. Power Grid Management
  • 10. What Should We Protect: The equation:
      – Summed over millions of Customers
      – Entity types that comprise the Electricity Systems: Generation, Transmission, Load Serving Entities, Purchasing-Selling Entities, Reliability Coordinators, Control Areas, State National and Regional Carriers, Independent System Operators, Regulators.
      – Split by three levels of interconnection:
          • European
          • National
          • Regional
  • 11. Electrical Grid of Europe
  • 12. Nation’s Electrical Infrastructure comprised of integrally linked generation, distribution, and transmission subsystems.
  • 13. The European Commission’s Directorate-General for Energy manages work in this area:
      • Sets reliability standards.
      • Ensures compliance with reliability standards.
      • Provides education and training resources.
      • Conducts assessments, analyses, and reports.
      • Facilitates information exchange and coordination among members and industry organizations.
      • Supports reliable system operation and planning.
      • Certifies reliability service organizations and personnel.
      • Coordinates CIP of the bulk electric system.
      • Administers procedures for conflict resolution on reliability issues.
  • 14. DEFINING CYBER TERRORISM
      • Cyber Terrorism is the convergence of Cyberspace and Terrorism. It refers to unlawful attacks and threats of attacks against computers, networks and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social objectives.
      • Serious attacks against critical infrastructures could be acts of Cyber Terrorism, depending on their impact. Attacks that disrupt nonessential services or that are mainly a costly nuisance would not.
      • Cyber Terrorism refers to premeditated, politically motivated attacks by sub-national groups or clandestine agents against information, computer systems, computer programs, and data that result in violence against non-combatant targets.
  • 15. Cyber Terrorism Threats. The four most common sources of threats:
      1. Nation-States (have already launched major cyber attacks against one another during the last decade)
      2. Terrorists (groups seeking to expand their capability in this area)
      3. Terrorist sympathizers (the most likely group to launch a cyber attack)
      4. Thrill Seekers (a minor threat because they are driven by a desire to show off their skills rather than a desire to destroy)
  • 16. PHILOSOPHY OF CYBER TERRORISM (I)
      • The Cyber Space is a place where the bad guys have always been one step ahead of the good guys.
      • Cyber Extremism is a reliable indicator of social problems and geopolitical tensions, shedding light on the root causes of terrorism and insurgency.
      • Every extremist thinks that Cyber Security is a joke, and every cyber terrorist sees it as a weakness.
      • Cyber Defense is only as strong as the weakest link.
  • 17. PHILOSOPHY OF CYBER TERRORISM (II)
      • Cyber Terrorists have at least three goals in mind:
          (1) Information Theft - stealing data from a targeted personal device, system or network is not only the most common threat, but one which makes Cyber Terrorism attractive and profitable
          (2) Information Disruption - defacement for the purpose of sabotage or vandalism, rendering critical operating systems incapable of performing their essential functions
          (3) Information Denial - destruction via floods of automated hits, capable of bringing down whole countries if the economic, news media, Internet and telecommunications structures are disabled
  • 18. CASE STUDY (I) : A HYPOTHETICAL CYBER TERRORIST ATTACK
      • The typical Cyber Terrorist attack would involve bringing down a country's energy & information infrastructure. They would use a distributed denial of service attack. Doing so would be the equivalent of launching millions of infobombs (e-Bombing) at a target, all while maintaining total deniability. The initial stages of the attack would only last a few hours, but there would be lingering effects lasting days or weeks. It would look something like this:
      • Flag 1 is the Attacker - Republic Armada - a hypothetical country from the Far East,
      • Flag 2 is the Bot Herder (explained in the next slide),
      • Flag 3 is the Zombie (placed in Central America),
      • Flag 4 is the Target (the U.S. in this case).
  • 19. CASE STUDY (II) : SCENARIO - ATTACKER
      1. (ATTACKER) In this scenario, tension over proposed US legislation to raise tariffs on ARMADA imports triggers a crisis. Armada Gov’t orders a limited attack on the computer systems of US Congress members and energy corporations that support the bill. Armada security officials hire criminal bot herders to launch the denial of service attacks. Payments are routed via anonymous services like PayPal (often using branches based in Latin America). Target IP addresses and email accounts (harvested in earlier operations) are distributed through private chat rooms used by criminal hackers. Once the attack is under way, a media and diplomatic campaign will portray the attackers as Cyber Vigilantes operating on their own.
  • 20. CASE STUDY (III) : SCENARIO – BOT HERDER
      2. (BOT HERDER) Freelance computer hackers function as the project managers for the DDoS attack. Typically, a hacker or a syndicate of hackers controls one or more giant botnets, worldwide networks that can include 100,000 computers. Each machine has been surreptitiously infected by the bot herder with a bot, a remotely controlled piece of malicious software. Herders usually make their living by renting these networks out for commercial spam, phishing fraud, and denial-of-service extortion. On the bot herder's signal, his network of bots can launch millions of packets of information toward a single target, overwhelming its defenses and either crashing it or driving its owners to shut it down as a defensive precaution.
  • 21. CASE STUDY (IV) : SCENARIO - ZOMBIE
      3. (ZOMBIE) Once an ordinary computer is infected by a bot, it becomes one of the unwitting drones that make up a global botnet – a Zombie. When Zombies receive a signal from the bot herder, the bot takes control of its host and sends out multiple packets of information - usually spam - to designated targets. Thanks to the distributed nature of these networks, attacks appear to be coming from random personal computers located all over the world. In this scenario, many will even be from within the US. And if you're wondering if your PC is infected, detection isn't easy. Fortunately, new versions of home security software, like Norton AntiBot, are targeting this new strain of malware. But bots keep mutating, so the
  • 22. CASE STUDY (V) : SCENARIO - TARGET
      4. (TARGET) A full-scale DDoS attack meant as an act of war might target military and Gov’t servers, power grids, civilian email, banks & telcos. But in this more likely scenario, the targets are Web sites and email systems of Congress members and energy corporations that support higher trade barriers. These groups blame the Armada government, but can't prove it. Nevertheless, targets will be effectively shut down while they undergo security upgrades and damage assessment, inhibiting their ability to work on behalf of the legislation.
  • 23. CASE STUDY (VI) : DIFFERENT SCENARIOS. Three likely scenarios of what's going to happen because of all the Internet mischief in cyberspace:
      • Scenario #1 - Malicious activity in cyberspace becomes so pervasive that a crisis of confidence develops, and governments and corporations scramble to exert greater control, but eventually give up, resorting to behind-the-scenes work in "walled gardens," allowing the rest of the world to degrade and decay economically and socially with an egregiously offensive (and criminal) Internet.
  • 24. CASE STUDY (VII) : DIFFERENT SCENARIOS
      • Scenario #2 - A set of nation-states go to cyber war against one another, followed by dissenters and protesters who turn to disruptive attacks, and as the world becomes accustomed to nonkinetic modes of mass disruption, terrorists or insurgents jump on the bandwagon, launching a new form of long-term, cyber-guerrilla warfare.
      • Scenario #3 - Technological breakthroughs occur which allow the transmission of digital information via electromagnetic pulses or some other form of directed energy, and terrorists exploit this new technology to launch pinpoint, assassination-like strikes against specific targets like the national electricity grids.
  • 25. COUNTER – CYBER TERRORISM. Two most important things for countering Cyber-Terrorism:
      (1) Attribution - WHO IS BEHIND IT;
      (2) Characterization - HOW DID THEY DO IT.
      • The hackers, like terrorists, tend to work in asymmetric, non-hierarchical formation, which means that they do not have organizations like linear gangs and so forth, but instead rough and temporary alliances = NETWAR
  • 26. NETWAR : information-related conflict at a grand level between nations or societies. It means trying to disrupt or damage what a target population knows or thinks it knows about itself and the world around it. A netwar may focus on public or elite opinion, or both. It may involve diplomacy, propaganda and psychological campaigns, political and cultural subversion, deception of or interference with local media, infiltration of computer networks and databases, and efforts to promote dissident or opposition movements across computer networks.
  • 27. MEMBERSHIP ROLES OF HACKING / TERRORIST NETWORKS
      • Organizers -- core members who steer group
      • Leadership -- charismatics who lead group
      • Insulators -- members who protect the core
      • Bodyguards -- members who protect leaders
      • Communicators -- pass on directives
      • Seconds in command -- pass on orders
      • Guardians -- security enforcers
      • Intelligence -- and counter-intelligence agents
      • Extenders -- recruiters of new members
      • Financiers -- fund raisers & money launderers
      • Monitors -- advisors about group weaknesses
      • Logistics -- keepers of safe houses
      • Members -- those who do the hacking
      • Operations -- those who commit the terror
      • Crossovers -- people with regular jobs
      • Sleepers -- members living under deep cover
  • 28. COUNTER – CYBER TERRORISM METHODS (I). A national security response to a Cyber Attack would consist of one or both of the following elements:
      • "TRACK-BACK" - where officials quickly trace an attacker through the Internet nodes transited by obtaining the transactional data from each node. Such action may require the cooperation of Internet Service Providers or a legal means of compelling subscriber information from such providers. If the computer intrusion is disrupting a real-time military deployment or combat operation, or presents an imminent and serious threat to public health and safety, or is producing extensive property damage or paralyzing financial institutions, there is a need for urgent action in the form of utilizing constitutional exemptions to search & seizure law, such as the “Exigent Circumstances” exemption or the “Hot Pursuit”
  • 29. COUNTER - CYBER TERRORISM METHODS (II)
      • "SHOOT-BACK" - once the computer equipment is located (meeting the disruption and/or threat requirements above), it may be possible to damage and destroy it by electronic means or traditional military means. Electronic means (such as discharging an electromagnetic pulse toward the equipment) would probably have to meet just war standards regarding proportionality and discrimination, ensuring no unintentional or collateral damage to nearby noncombatants. Traditional military means would involve a raid by special forces or a cruise missile through the window.
  • 31. Power Grid Management
  • 32. Power Systems Applications Overview
  • 33. MARIUS – EUGEN OPRAN, MEMBER EESC - CCMI. MANY THANKS TO:
      – Dr. CARL A. GUNTER, UNIVERSITY OF ILLINOIS
      – Dr. CHARLES HOOKHAM, VP, HDR ENGINEERING