Attacks on Control Systems
It is very important to mention that
our very lives depend on Control Systems that manage the behavior of complex and
critical components of the global industrial infrastructures such as transportation,
water, power grid, gas, oil, food industry, and pharmaceutical. Thus, securing these
control systems becomes government top priority and national security matter.
According to the U.S. Department of
Energy (DOE) and commercial security consultants, control systems are
vulnerable to cyber attacks and their reliable operations are at risk.
Now let us ask the ultimate question; what
would happen if the control systems were hacked?
Stuxnet virus proved that we should
expect another Chernobyl if similar attacks on control systems happen. Stuxnet was
created and designed by the U.S to target the Iran's Uranium-Enrichment Center
at " Natanz, which has 7,000 centrifuges " and was "inserted ...
by Israeli agents." Its "... payload was rocket science; it's way
above everything that we have ever seen before.
The attack was the beginning of a new era
of wars with new dimensions; the Binary Attacks. The virus was not a self-destructive
program and its source code could be reverse engineered. Therefore, could be
sold in the black market to terrorists. Although the aim of the attack was to immobilize
the country's nuclear capabilities, that country now has a modern weapon with
high level of destruction with low cost! The attacker just served his/her victim.
Stuxnet attack was a turning
point so that governments all over the world started changing their defense
strategies and tactics against a silent weapon that has tremendous power of destructions.
On 12 February 2014, the U.S National Institute of Standards & Technology
(NIST) released the "Framework for Improving Critical Infrastructure
Cybersecurity". The framework completes Obama Administration’s 2013
cybersecurity Executive Order. The Australian government made same announcement
by introducing the Australian Cyber Security Centre (ACSC).
To encourage scientists and researchers in the
field of Cyber security, governments and other contractors propose funds to strong
projects and ideas. The National Science Foundation (NSF) is an active source of money that scientists and
students, at certain levels, can count on it.
Source:
http://apo.org.au/research/cybersecurity-executive-order
Finnie, S. (2012). Stuxnet Was a Wake-up Call, But Don’t Fall Back Asleep. Computerworld, 46(12), 60–60