Cyber Research Center - Industrial
Control Systems / Critical Infrastructures
Security and Cyber Security is a constant challenge facing many aspects of our society including production environments and critical infrastructures. Even in the face of significant threats, society seemingly has insatiable thirst for greater cyber capabilities, and that thirst is accelerating at an increasingly rapid pace. We eagerly adopt new cyber capabilities in the name of efficiency, convenience, entertainment, and even safety; but often, we do so without considering the potentially significant risk. Recent changes in the way we use computers have not only affected where and how computers are used but also the way networks are architected and interconnected: today's network boundaries constantly morph. We are rapidly moving toward a paradigm in which embedded systems as well as 'Internet of Things' will be highly interconnected and pervasive in nearly every aspect of our lives, but what about our safety, security and privacy?
The Cyber Research Center - Industrial Control Systems / Critical Infrastructures is an independent, not for profit, network research & information sharing, expert center working on the future state of acting against Cyber Terrorism and working on Physical & Cyber Protection and Resilience in ICS/CI. CRC-ICS goals are to inform industries / critical infrastructures about the fast changing threats they are facing and the measures, controls and techniques that can be implemented to be prepared to deal with these cyber threats.
The Future of Cyber TerrorismThe face of terrorism is changing. While the motivations remain the same, we are now facing new and unfamiliar weapons. The intelligence systems, tactics, security procedures and equipment that were once expected to protect people, systems, and nations, are powerless against this new, and very devastating weapon. Moreover, the methods of counter-terrorism that our world's specialists have honed over the years are ineffectual against this enemy. Because, this enemy does not attack us with truckloads of explosives, nor with briefcases of Sarin gas, nor with dynamite strapped to the bodies of fanatics. This enemy attacks us with one's and zero's, at a place we are most vulnerable: the point at which the physical and virtual worlds converge.
Potential Cyber Terrorist ActsLet us examine some example cyber terrorist acts. Based on the definitions of terrorism, a determination can be made if they in fact constitute terrorism:
• A cyber terrorist will remotely access the processing control systems of a cereal manufacturer, change the levels of iron supplement, and sicken and kill the children of a nation enjoying their food. That cyber terrorist will then perform similar remote alterations at a processor of infant formula. The key: the cyber terrorist does not have to be at the factory to execute these acts.
• A cyber terrorist will place a number of computerized bombs around a city, all simultaneously transmitting unique numeric patterns, each bomb receiving each other's pattern. If bomb one stops transmitting, all the bombs detonate simultaneously. The keys: 1) the cyber terrorist does not have to be strapped to any of these bombs; 2) no large truck is required; 3) the number of bombs and urban dispersion are extensive; 4) the encrypted patterns cannot be predicted and matched through alternate transmission; and 5) the number of bombs prevents disarming them all simultaneously. The bombs will detonate.
• A cyber terrorist will disrupt the banks, the international financial transactions, the stock exchanges. The key: the people of a country will lose all confidence in the economic system. Would a cyber terrorist attempt to gain entry to the Federal Reserve building or equivalent? Unlikely, since arrest would be immediate. Furthermore, a large truck pulling along side the building would be noticed. However, in the case of the cyber terrorist, the perpetrator is sitting on another continent while a nation's economic systems grind to a halt. Destabilization will be achieved.
• A cyber terrorist will attack the next generation of air traffic control systems, and collide two large civilian aircraft. This is a realistic scenario, since the cyber terrorist will also crack the aircraft's in-cockpit sensors. Much of the same can be done to the rail lines.
• A cyber terrorist will remotely alter the formulas of medication at pharmaceutical manufacturers. The potential loss of life is unfathomable.
• The cyber terrorist may then decide to remotely change the pressure in the gas lines, causing a valve failure, and a block of a sleepy suburb detonates and burns. Likewise, the electrical grid is becoming steadily more vulnerable.
In effect, the cyber terrorist will make certain that the population of a nation will not be able to eat, to drink, to move, or to live. In addition, the people charged with the protection of their nation will not have warning, and will not be able to shut down the terrorist, since that cyber terrorist is most likely on the other side of the world. Sadly, these examples are not science fiction. All of these scenarios can be executed today. As you may know, some of these incidents already have occurred in various nations. More of such acts will take place tomorrow. Are you prepared?
Cyber Space - Cyber Terrorism
While cyber-criminals, thrill-seekers, terrorists, and hacktivists will continue to be the most frequent form of cyber-threat in 2017, and arguably the most dangerous, state-use of cyber tactics in militarized disputes and espionage is also a great, and also possibly the greatest, danger. As with potential terrorist takeovers of industrial control systems, states are growing their abilities in this and other areas, such as the ability to disable the internet and networked defense systems of an adversary. Read also the CRC-ICS Whitepaper 'Cyber Space: The Fifth Domain of War!?'