Critical Infrastructure Protection and Security Benchmarks

Guillermo A. Francia III, Xavier P. Francia
Copyright: © 2015 |Pages: 12
DOI: 10.4018/978-1-4666-5888-2.ch419

Chapter Preview



The increasing network connectivity of Supervisory Control and Data Acquisition (SCADA) systems raises cyber security concerns for Industrial Control Systems (ICS) facilities. Further, the numerous and varied instrumentation and control systems, mingled with the external offices and corporate business systems around them, create a heterogeneous environment that is difficult to monitor and protect against cyber attack.

General ICS Threats and Vulnerabilities

Threats to industrial control systems (ICS) include “adversarial sources such as hostile governments, terrorist groups, industrial spies, disgruntled employees, malicious intruders, and natural sources such as from system complexities, human errors and accidents, equipment failures and natural disasters,” (Stouffer, 2008). These threats to ICS are described in Table 1.

Table 1. Threats to ICS (Stouffer, 2008)

| Threat Agent | Description |
| --- | --- |
| Insiders | Insiders include disgruntled persons who have unrestricted access to cause damage or steal data. |
| Phishers | Phishers use spam and spyware to execute phishing schemes in an attempt to steal identities or information for monetary gain. |
| Spammers | Spammers distribute unsolicited email with hidden or false information to sell products, conduct phishing schemes, distribute spyware/malware, or attack organizations through denial-of-service attacks. |
| Spyware/Malware Authors | Individuals or organizations with malicious intent carry out attacks against users by producing and distributing spyware and malware. |
| Terrorists | Terrorists seek to destroy, incapacitate, or exploit critical infrastructures to threaten national security, cause mass casualties, weaken the U.S. economy, and damage public morale and confidence. Terrorists may use phishing schemes or spyware/malware to generate funds or gather sensitive information. |
| Industrial Spies | Industrial espionage seeks to acquire intellectual property. |
| Attackers | Attackers may break into networks for the thrill of the challenge or for bragging rights. Conducting attacks has become easier through attack tools, attack scripts, and protocols readily available to download from the Internet. |
| Bot-network Operators | Bot-network operators take over multiple systems to coordinate and distribute attacks, phishing schemes, spam, and malware. |
| Criminal Groups | Criminal groups use spam, phishing, and spyware/malware to commit identity theft and online fraud for monetary gain. |
| Foreign Intelligence Services | Several nations are aggressively working to develop information warfare doctrines, programs, and capabilities for espionage activities and disruption of the supply, communications, and economic infrastructures of others. |

Key Terms in this Chapter

Security Metrics: The measure of risks and the activities related to information protection within an organization.

Performance Dashboard: A visual display of key performance data that is usually used for real-time system monitoring.

Security Benchmarks: Minimum measures that must be attained to ensure the integrity, confidentiality and availability of information.

Critical Infrastructures: Systems that are vital to a nation's national security and well-being.

Risk Assessment: A process of establishing measures of risk attributes: probability, frequency, and impact, with the intent of providing a sound cost and benefit analysis.

Key Performance Indicators: A set of measures that represent the overall system status.
