Research of the impact on the ecology of the state of cybersecurity of the critical infrastructure objects (original) (raw)

Analyzing the Cyber Risk in Critical Infrastructures

Issues on Risk Analysis for Critical Infrastructure Protection [Working Title]

Information and communication technology (ICT) plays an important role in critical infrastructures (CIs). Some ICT-based services are in itself critical for the functioning of society while other ICT elements are essential for the functioning of critical processes within CIs. Moreover, many critical processes within CIs are monitored and controlled by industrial control systems (ICS) also referred to as operational technology (OT). In line with the CI-concept, the concept of critical information infrastructure (CII) is introduced comprising both ICT and OT. It is shown that CIIs extend beyond the classical set of CIs. The risk to society due to inadvertent and deliberate CI/CII disruptions has increased due to the interrelation, complexity, and dependencies of CIs and CIIs. The cyber risk due to threats to and vulnerabilities of ICT and OT is outlined. Methods to analyze the cyber risk to CI and CII are discussed at both the organization, national, and the service chain levels. Cybe...

Features of Ensuring Cybersecurity of the Critical Infrastructure of the State

Theoretical and Applied Cybersecurity, 2020

One of the most important tasks of national security in modern conditions is to ensure the security and stable functioning of critical infrastructure of the state. Control systems are an integral and most vulnerable part of critical infrastructure facilities. This determines the importance of ensuring they are protected from destructive cyber actions. Destructive cyber actions in it is accompanied, as a rule, by chain effects and synergistic effects that systematically influence and cover all other spheres of the life of society and the state, both in ordinary and, especially, in critical conditions. The authors systematically and comprehensively analyzed and presented in the article the results of investigations of the features of destructive cyber actions in the critical infrastructure of state, counteracting them and protecting from them.

Cyber security management model for critical infrastructure

Entrepreneurship and Sustainability Issues, 2017

Cyber security is the most critical aspect nowadays of our technologically based lives. Government institutions, banking sectors, public and private services, nuclear power plants, power grid operators, water suppliers or waste water treatment companies use information technologies in their day-today operations. Everything that uses technologies are based on communication and information systems and that means that it depends on cyber security. The public and private sector each year spend millions of dollars on technologies, security software and hardware devices that will increase the cyber security inside their companies, but they are still vulnerable. The main problem of this situation is that cyber security is still usually treated as a technical aspect or technology which can be easily implemented inside the organization and this implementation will guarantee cyber security. This attitude must change, because cyber security nowadays is something more than just the technology. This article presents the taxonomy of the critical infrastructure attacks, analyzes attack vectors and attack methods used to damage critical infrastructure as well as the most common cyber security mistakes which organizations make in the cyber security field when trying to make themselves safer from vulnerabilities. The main aim of this article is to provide theoretical aspects of the cyber security management model which can be used to ensure security of critical infrastructure in an organization or company. The cyber security management model that is presented in this article is analyzed from management perspectives and is not concerned with technological aspects and products that are used to protect critical infrastructure from cyber security attacks and vulnerabilities.

Cybersecurity of critical infrastructure

The Ethics of Cybersecurity, 2019

This chapter provides a political and philosophical analysis of the values at stake in ensuring cyber-security for critical infrastructures. It presents a review of the boundaries of cybersecurity in nation-al security, with a focus on the ethics of surveillance for protecting critical infrastructures and the use of AI. A bibliographic analysis of the literature is applied until 2016 to identify and discuss the cybersecurity value conflicts and ethical issues in national security. This is integrated with an analy-sis of the most recent literature on cyber-threats to national infrastructure and the role of AI. This chapter demonstrates that the increased connectedness of digital and non-digital infrastructure en-hances the trade-offs between values identified in the literature of the past years, and supports this finding with the analysis of four case studies.

CYBER WARFARE AND CRITICAL INFRASTRUCTURE SECURITY

PowerGen Europe 2017 Conference, Cologne-GERMANY, 2017

The need to access to the information in a fast and reliable way has become an inevitable and urgent requirement within the scope of technological advances. Both the need of accessing to the information and the necessity to protect the information from malware and attackers, emphasize once more that the information security and cyber defense should be underlined with great attention. Today, the number of the systems, which do not interact with IT infrastructure, is quite insignificant. Critical infrastructures are managed centrally by using IT infrastructure. Security of critical infrastructures has become a main problem on its own. The notion of cyber-attacks is generally perceived as premeditated disruptive activities against computer networks, computer programs and data to create chaos and impair functioning infrastructures. Despite significant investment in technology and infrastructure, cyber-attacks represent one of the greatest challenges in information security. Cyber-attacks primarily pose threats to Internet-based applications and can disable a country’s power or other assets, which are connected to the Internet. By penetrating computer systems that control the energy and other basic services in a country, cyber-attacks can bring down a national service, causing serious cascading effects to create chaos and destabilize a country. Cyber-attacks do not pose a direct threat to infrastructures that are completely isolated from the internet but these infrastructures may be vulnerable to cyber sabotage (e.g. manual importing of virus). With this article, importance of the information and critical infrastructure security and cyber defense will be discussed by proposing solutions against cyber-attacks and possible cyber-attacks regarding the preventive enterprise applications and security of critical infrastructures like power generation and SCADA systems.

Cyber Attacks on Critical Infrastructure

Handbook of Research on Digital Crime, Cyberspace Security, and Information Assurance, 2015

We are facing the expansion of cyber incidents, and they are becoming more severe. This results in the necessity to improve security, especially in the vulnerable field of critical infrastructure. One of the problems in the security of critical infrastructures is the level of awareness related to the effect of cyberattacks. The threat to critical infrastructure is real, so it is necessary to be aware of it and anticipate, predict, and prepare against a cyber attack. The main reason for the escalation of cyberattacks in the field of Critical Infrastructure (CI) may be that most control systems used for CI do not utilise propriety protocols and software anymore; they instead utilise standard solutions. As a result, critical infrastructure systems are more than ever before becoming vulnerable and exposed to cyber threats. It is important to get an insight into what attack types occur, as this may help direct cyber security efforts. In this chapter, the authors present vulnerabilities o...

Cyber effect and security management aspects in critical energy infrastructures

Insights into Regional Development

The purpose of the paper is to compare various types of management models that regulate the response to cyber threats to Critical Infrastructures. The development of an effective management model that regulates the response to cyber-attack against Critical Infrastructure is an important issue in security management. Many frameworks attempt to regulate the response that has to be done to recover and eradicate possible threats, but still, there is not a universal appliable model for all Critical Infrastructures. The paper will offer a comparison of various frameworks in an attempt of evaluating the features that a hypothetical model for response to Cyber Incidents to Critical Infrastructures. The focus is on Critical Energy Infrastructure, as their damage directly means damage to other critical infrastructures, given their extreme interconnectivity. After the analysis of five frameworks of responses to Cyber Incidents, an evaluation will be provided, along with a recommendation.