The worm, which targeted PLCs, disrupted the Iranian nuclear program by damaging centrifuges used to separate nuclear material. The most high profile example of a cyber-attack against critical infrastructure is the Stuxnet computer virus. Over the years, a wide range of sectors have become more reliant on industrial control systems – such as SCADA, Programmable Logic Controllers (PLC) and Distributed Control Systems - for monitoring processes and controlling physical devices, such as pumps, valves, motors, sensors etc. It reported a 20% increase in cyber investigations in 2015, and a doubling of attacks against US critical manufacturing. Oil rigs, ships, satellites, airliners, airport and port systems are all thought to be vulnerable, and media reports suggest that breaches have occurred.Ĭyber-attacks against critical infrastructure and key manufacturing industries have increased, according to US cyber-security officials at Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), the US government body that helps companies investigate attacks against ICS and corporate networks. In 2013, Iranian hackers breached the Bowman Avenue Dam in New York and gained control of the floodgates. Transport, public sector services, telecommunications and critical manufacturing industries are also vulnerable. The energy sector is one of the main targets of cyber-attacks against critical infrastructure, but it is not the only one. The blackout was followed two months later by the news that the Israel National Electricity Authority had suffered a major cyber-attack, although damage was mitigated after the Israel Electricity Corporation shut down systems to prevent the spread of a virus. Three utilities companies in Ukraine were hit by BlackEnergy malware, leaving hundreds of thousands of homes without electricity for six hours.Īccording to cyber security firm Trend Micro, the malware targeted the utility firms’ SCADA (supervisory control and data acquisition) systems and probably began with a phishing attack. In December 2015, the world witnessed the first known power outage caused by a malicious cyber-attack. And fears have been given credence by recent events. Unsurprisingly, the vulnerability of critical infrastructure to cyber-attacks and technical failures has become a big concern. Now they are far more interconnected, both in terms of geography and across sectors.Īs the US power grid scenario highlights, the failure of one critical infrastructure could result in a devastating chain reaction, says Edry. Just decades ago, power grids and other critical infrastructure operated in isolation.
Such a scenario sounds apocalyptic, but it is a realistic threat, according to Idan Udi Edry, Chief Executive Officer at Nation-E, a provider of cyber security solutions that safely allow customers to connect their infrastructure to the internet, thereby enabling them to connect and control critical assets remotely and safely.Ĭritical infrastructure, like power generation and distribution, is becoming more complex and reliant on networks of connected devices. Millions of homes and businesses are plunged into darkness, communications are cut, banks go offline, hospitals close and air traffic is grounded. Loss prevention is key to incenting insurers to offer higher limits to encourage customers to buy cyber protection insuranceĭuring a particularly harsh winter, a group of hacktivists spreads panic by bringing down the US power grid.Main targets of hacktivists are energy, transportation, public services, telecommunications and critical manufacturing sectors.Vulnerability of critical infrastructure and technical failures is a real concern among security specialists and insurers.Power generation and distribution is more complex and connected than ever before.
0 kommentar(er)
