Cyber-attacks to critical energy infrastructure and management issues: overview of selected cases (original) (raw)
Related papers
Cyber effect and security management aspects in critical energy infrastructures
Insights into Regional Development
The purpose of the paper is to compare various types of management models that regulate the response to cyber threats to Critical Infrastructures. The development of an effective management model that regulates the response to cyber-attack against Critical Infrastructure is an important issue in security management. Many frameworks attempt to regulate the response that has to be done to recover and eradicate possible threats, but still, there is not a universal appliable model for all Critical Infrastructures. The paper will offer a comparison of various frameworks in an attempt of evaluating the features that a hypothetical model for response to Cyber Incidents to Critical Infrastructures. The focus is on Critical Energy Infrastructure, as their damage directly means damage to other critical infrastructures, given their extreme interconnectivity. After the analysis of five frameworks of responses to Cyber Incidents, an evaluation will be provided, along with a recommendation.
Cyber Security for Critical Energy Infrastructure
2018
The United States power grid is a logical target for a major cyber attack because it connects all of the nation’s critical infrastructures with electricity. Attackers consistently exploit vulnerabilities of the bulk power system and are close to being able to disrupt electrical distribution. We live in a world that is interconnected, from personal online banking to government infrastructure; consequently, network security and defense are needed to safeguard the digital information and controls for these systems. The cyber attack topic has developed into a national interest because high-profile network breaches have introduced fear that computer network hacks and other security-related attacks have the potential to jeopardize the integrity of the nation’s critical infrastructure. The national and economic security of the United States depends on a reliable, functioning critical infrastructure. A comprehensive understanding of the effects of a massive power failure may help promote ch...
A Case Study of an Industrial Power Plant under Cyberattack: Simulation and Analysis
Energies, 2021
For critical infrastructures, technological developments regarding real-time data transmission and processing improve the system’s operability and reliability. However, vulnerabilities are introduced in the case of implementing new remote access methods or where redundancy is low. At the national level, most critical infrastructures are connected, and, therefore, achieving a level of security and resilience is based on identifying a multitude of risks. In this respect, the reduction of risk to acceptable levels directly affects the quality of citizens’ lives and decreases losses in the industry. This study starts from the threats to power systems, namely cyberattacks, which are much more dangerous, although less visible, to operators, and almost invisible to the public or the media. From this point of view, it was proved that the most vulnerable parts of the power system were human–machine interfaces, electrical equipment, Surveillance, Control, and Data Acquisition (SCADA) systems....
PROTECTING "CYBERSECURITY & RESILIENCY" OF NATION'S CRITICAL INFRASTRUCTURE
Dr.Anil Lamba, 2018
ARTICLEINFO ABSTRACT Cyber-and sophistication of cyber adversaries grow, so too must the US power system's defenses, situational awareness, and response and recovery strategies. Tra dedicated communication channels to large generators and utility connectivity in today's industrial entities, including electrical utilities, has exposed many digital communication and c improvements including smart grid, smart meters and other advancements are considered, security is of foremost concern. In fact, governments around the world have recognized the existing v and need to protect the grid infrastructure. To solve the problem, regulations and standards are being developed to ensure that the proper security steps are taken. In addition, cyber attackers have targeted crude oil and natural gas (O&G) com impact as the industry employs ever more connected technology. But the industry's cyber maturity is relatively low, and O&G boards show generally limited strategic appreciation of cyber issues. research paper documents the current spread throughout US, highlights required security enhancements and recommendations to foster Cyber
Cyber Attacks on Critical Infrastructure
Handbook of Research on Digital Crime, Cyberspace Security, and Information Assurance, 2015
We are facing the expansion of cyber incidents, and they are becoming more severe. This results in the necessity to improve security, especially in the vulnerable field of critical infrastructure. One of the problems in the security of critical infrastructures is the level of awareness related to the effect of cyberattacks. The threat to critical infrastructure is real, so it is necessary to be aware of it and anticipate, predict, and prepare against a cyber attack. The main reason for the escalation of cyberattacks in the field of Critical Infrastructure (CI) may be that most control systems used for CI do not utilise propriety protocols and software anymore; they instead utilise standard solutions. As a result, critical infrastructure systems are more than ever before becoming vulnerable and exposed to cyber threats. It is important to get an insight into what attack types occur, as this may help direct cyber security efforts. In this chapter, the authors present vulnerabilities o...
SAFEGUARDING CRITICAL INFRASTRUCTURES
The increasing interconnectedness of critical infrastructures with digital systems has introduced new vulnerabilities and potential aconsequences of cyber-attacks. This paper aims to investigate the vulnerabilities and potential consequences of cyber-attacks on critical infrastructures such as power grids and transportation systems. Additionally, it proposes robust security measures to safeguard against these threats. By exploring the intersection of cybersecurity and critical infrastructures, this paper seeks to contribute to the advancement of science and technology in protecting society's most essential services.
Cybersecurity - A Permanent Challenge for the Energy Sector
2023
Energy security is a primary element in the development of any country. Reliable sources of energy are necessary to sustain industrial activity, power businesses and stimulate economic growth. As the energy sector develops, so does the number of cyber-attacks with significant impact on both energy production and the entire supply chain, which can paralyze the entire economic system, but above all, can destabilize national security. Mitigating all energy sector vulnerabilities is almost impossible. However, in the event of a cybersecurity incident, a series of measures can be implemented with the aim of reducing the risks and ensuring the continuity of operations. This article presents an overview of cyber-threats and vulnerabilities in the energy sector, describes risk management related to cybersecurity, technology solutions and the European Union policy and legislation on cybersecurity in this sector.
Cybersecurity for Critical Infrastructures: Attack and Defense Modeling
IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans, 2000
Disruption of electric power operations can be catastrophic on national security and the economy. Due to the complexity of widely dispersed assets and the interdependences among computer, communication, and power infrastructures, the requirement to meet security and quality compliance on operations is a challenging issue. In recent years, the North American Electric Reliability Corporation (NERC) established a cybersecurity standard that requires utilities' compliance on cybersecurity of control systems. This standard identifies several cyber-related vulnerabilities that exist in control systems and recommends several remedial actions (e.g., best practices). In this paper, a comprehensive survey on cybersecurity of critical infrastructures is reported. A supervisory control and data acquisition security framework with the following four major components is proposed: 1) real-time monitoring; 2) anomaly detection; 3) impact analysis; and 4) mitigation strategies. In addition, an attack-tree-based methodology for impact analysis is developed. The attack-tree formulation based on power system control networks is used to evaluate system-, scenario-, and leaf-level vulnerabilities by identifying the system's adversary objectives. The leaf vulnerability is fundamental to the methodology that involves port auditing or password strength evaluation. The measure of vulnerabilities in the power system control framework is determined based on existing cybersecurity conditions, and then, the vulnerability indices are evaluated.
Insights into Regional Development, 2020
The progresses made in terms of cybersecurity in these past years have been huge, and the implementation of newer strategies has brought interesting results all over the globe. However, the full implementation of cybersecurity presents a challenge to a lot of countries, especially if considered the Critical Infrastructure Protection (CIP), which is still one of the areas with the most gaps in terms of cybersecurity. In this article, the first five countries by cybersecurity level according to the Global Cybersecurity Index (GCI) 2018, in order UK, USA, France, Estonia and Lithuania, will be evaluated for their solutions in terms of Critical Infrastructure Protection. The results will show the effective accuracy of the index and will shed light on the various approaches to Critical Infrastructure Protection.