Abstract
Chapter 1 sets the scene by providing an overview of the Industry 4.0 concept that is conjoining a number of different technologies, with various levels of maturity, in order to provide an end-to-end capability. This case study is a good exemplar to tease out many pertinent socio-technical topics where the main contexts will be elaborated on throughout the remainder of the book. In short, a case is made that cyber security is first and foremost a human problem, but also highlights the importance of regulation, standards, and bodies to underpin cyber security. Examples of the opposing forces are covered here that together if unmitigated will contrive to undermine the cyber resilience of the 21st century.
TopBackground
Whilst it is not possible to cover every cyber security issue in one chapter, this case study will provide a compendium of general topical issues, some of which the author will explore further in this book. Many of the security principles covered here are pertinent to OT, IoT, and AI systems today because they have not only become increasingly interconnected, but most of them are also managed via ICT. This is a very large subject area that transcends private Local Area Networks (LAN), distributed wide-area networks across the Internet and Cloud Service Provider (CSP) infrastructure. Therefore, Industry 4.0 serves as a ideal paradigm to highlight the diversity of key cyber security challenges facing civilization. The remainder of the book then elaborates on many common themes and discusses how society should go about resolving them.
Key Terms in this Chapter
IoT: A scale of technologies that span a variety of front-end sensors/devices using lightweight protocols to remotely distribute data through fog computing edge devices to back-end processing systems in the Cloud.
DDoS: A means of overloading servers using a range of protocols in order to successfully starve the victim of computational resources and the ability to operate effectively.
APT: Proficient hackers working for cyber-criminality or foreign state threat actors working towards various goals in order to achieve nefarious outcomes such as data exfiltration or extortion.
Dark Web: An underground marketplace consisting of a series of obscured websites that are accessed using anonymization techniques such as The Onion Router network.
Phishing: Use of emails to entice users to either open an attachment containing embedded malicious code or ‘click on a link’ representing a URL of a server under an attacker’s control that can land malware onto the victim’s client. Spear phishing is the targeted distribution of spoof emails to a target audience.
AGI: Mature AI capabilities in which the machine thinking ability is more comparable to human intelligence.
CIA: The triad of confidentiality, integrity, and availability are the underpinning factors in considering mitigating control-sets to treat cyber security problem areas.
Man-in-the-middle Attack: An attacker who has gained unauthorized access to a network can intercept dataflows across that network fabric, whether ethernet-based or wireless.
Malware: Specially crafted code/software used to subvert or compromise a computerized asset, which may include viruses, worms, or trojan horses.
Signaling: Is part of the C-Plane used in modern architectures to synchronize and track utilization of U-Plane for billing and subscription purposes.
Coronavirus Disease-19: Known as COVID-19. This is a viral and novel coronavirus that was detected in 2019 and that spreads to the lungs once the Severe Acute Respiratory Syndrome Coronavirus 2 pathogen has been incubated by an infected human host.