1. Critical infrastructure cybersecurity--an overview.
- Author
-
CAPANO, DANIEL
- Subjects
- *
INTERNET security , *CYBERTERRORISM , *SOCIAL engineering (Fraud) , *SEWAGE disposal plants , *WATER supply - Abstract
Cybersecurity is often overlooked in protecting a critical facility and the ratepayers' investment. This threat of a cyberattack on critical infrastructure is relatively new. Malware, the umbrella title given to malicious software of all stripes, can do much damage. Until recently, it was a misbegotten belief that software could harm only software; this is not so. Early DOS-based software could destroy hard drives, and it will be shown how manipulation of SCADA and networked programmable logic controllers can cause real physical damage to controlled machinery. In recent years, high-level hackers, working with nation-states and government agencies, have rigorously investigated software for flaws unknown to anyone, exploiting these flaws for espionage or general mayhem. So it is that our industry, which is increasingly relying on automation to manage rising costs and more stringent regulations, has turned to securing SCADA and other process control systems. Should such a system become compromised, the conditions for mayhem and social disruption are an opportunity for hackers. This paper provides a general overview of what could well become a major advanced persistent threat that will affect a broad class of facilities, and a few highlights illustrating the problem of protecting critical infrastructure against such a threat. Basic suggestions for site hardening are offered and recommended. [ABSTRACT FROM AUTHOR]
- Published
- 2017