A White Hat Study of a Nation's Publicly Accessible Critical Digital Infrastructure and a Way Forward

A White Hat Study of a Nation's Publicly Accessible Critical Digital Infrastructure and a Way Forward

Timo Kiravuo (Aalto University, Helsinki, Finland), Seppo Tiilikainen (Aalto University, Helsinki, Finland), Mikko Särelä (Aalto University, Helsinki, Finland) and Jukka Manner (Aalto University, Helsinki, Finland)
Copyright: © 2016 |Pages: 12
DOI: 10.4018/IJCWT.2016010104
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

The developed society depends on many critical infrastructure processes, such as power generation, water treatment, many types of manufacturing, and smart buildings. These processes need control and the automation industry has embraced the Internet to connect all these controls. However, the controlling devices thus opened to the world do not always have adequate safeguards to withstand malicious users. Many automation systems have default passwords or known and unknown backdoors. Also, often those systems are not updated to close security weaknesses found after original installation. The authors argue that while the industry is familiar with the notion of safety of equipment and processes, it has not focused enough on IT security. Several years ago the Shodan search engine showed how easy it is to find these control devices on the Internet. The authors followed this research line further by targeting one nation's IP address space with Shodan and found thousands of control systems, many of which represent models and versions with known vulnerabilities. Their first contribution is presenting these findings and analyzing their significance. Their study started in 2012 and the most recent results are from the end of 2015. To gain further knowledge, they have built a prototype scanner capable of finding industrial control systems. This lets the authors evaluate the possibility of performing routine scans to gauge the vulnerability of a nation. Their second contribution is to present a template for a national Internet scanning program. The authors discuss the technology, performance, and legality of such a program. Based on their findings and analysis they argue that nations should continuously monitor their own Internet address space for vulnerabilities. The authors' findings indicate that the current level of vulnerabilities is significant and unacceptable. Scanning a nation's critical infrastructure can be done in minutes, allowing them to keep a tight control of vulnerabilities. Yet, in addition, the authors need to extend current legislation and the rights of government officials to bring more security in national critical infrastructures; this discussion is their third contribution. The cyber-space has become a playing field for criminals, terrorists and nation states, all of which may have a motive to disrupt the daily life of a nation, and currently causing such disruptions is too easy.
Article Preview

2. Background

This section explains further the nature and importance of ICSs, and covers the reasons why control systems are being exposed to the Internet and what can happen when important ICSs malfunction. In the recent years an increasing trend of attacks towards ICSs has been discovered, including nation-state actors targeting specific industrial assets (Falliere 2010).

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 7: 4 Issues (2017)
Volume 6: 4 Issues (2016)
Volume 5: 4 Issues (2015)
Volume 4: 4 Issues (2014)
Volume 3: 4 Issues (2013)
Volume 2: 4 Issues (2012)
Volume 1: 4 Issues (2011)
View Complete Journal Contents Listing