Copyright © 2012, Elsevier Inc.
All Rights Reserved
Chapter 1
Introduction
Cyber Attacks
Protecting National Infrastructure, 1st ed.

Introduction
• National infrastructure
– Refers to the complex, underlying delivery and support systems for all large-scale services considered absolutely essential to a nation
• Conventional approach to cyber security not enough
• New approach needed
– Combining best elements of existing security techniques with challenges that face complex, large-scale national services

Fig. 1.1 – National infrastructure cyber and physical attacks

Fig. 1.2 – Differences between small- and large-scale cyber security

National Cyber Threats, Vulnerabilities, and Attacks
• Three types of malicious adversaries
– External adversary
– Internal adversary
– Supplier adversary

Fig. 1.3 – Adversaries and exploitation points in national infrastructure

National Cyber Threats, Vulnerabilities, and Attacks
• Three exploitation points
– Remote access
– System administration and normal usage
– Supply chain

National Cyber Threats, Vulnerabilities, and Attacks
• Infrastructure threatened by most common security concerns:
– Confidentiality
– Integrity
– Availability
– Theft

Botnet Threat
• What is a botnet attack?
– The remote collection of compromised end-user machines (usually broadband-connected PCs) is used to attack a target.
– Sources of attack are scattered and difficult to identify
– Five entities that comprise botnet attack: botnet operator, botnet controller, collection of bots, botnet software drop, botnet target