What is a cyber-physical attack? A cyber-physical attack is one in which a wholly digital attack against Cyber-Physical Systems (CPS) causes physical destruction of equipment. A cyber-physical attack is different from an enterprise network attack designed to steal money, exfiltrate information, or hold a computer hostage for ransom. Those attacks are fairly simple and can be carried out by a cyber-criminal, or even a garden-variety cracker. Designing an attack scenario to exploit a particular physical process requires a solid engineering background and in-depth destructive knowledge of the target SCADA system (Cyber-Physical Attack Engineering), but a cracker doesn't need an engineering background to figure out how to turn equipment off. Basically, it's the weaponization of the Internet.

A typical Industrial Control System contains multiple control loops, and sometimes the control loops are nested and/or cascading, so the set point for one loop is based on the process variable output from another loop. Supervisory control loops and lower-level loops operate continuously over the duration of a process with cycle times of milliseconds. Interrupting one process can have a ripple effect through the factory.

So, what is the big deal? On December 3, 1984, in Bhopal, India, there was an industrial accident at a pesticide plant that immediately killed at least 3,800 people and caused significant morbidity and premature death for many thousands more. That was only one incident with a release of only 40 tons of methyl isocyanate gas. Of course, this was an accident and not a cyber-physical attack, but it should give you an idea of what could happen in a worst-case scenario.

Imagine you wake up in the morning and go to the bathroom. You turn on the faucet and nothing happens. You go back to the bedroom and the clock is flashing 12:00. You hit the power button on the TV remote and nothing happens. It's a little warm in the house, but the air conditioning won't work. Then you realize that though the sun is out and it's a normal weekday, you don't hear any cars going by. You go outside to your car and it won't start. The cell phone has no signal and won't stay on when you power up. The toaster doesn't heat up and you have to light the gas stove with a match. It's a nice day so you walk to work and notice a line outside the supermarket, but the doors are locked. You ask why they don't open up and they say there is no power to run the cash registers. Even their backup generator won't start. None of the traffic lights work, but there are no cars on the road anyway. This is a cyber-physical attack that affects all utilities and electronic devices.

If you don't know what these words mean, you may want to order a copy of this book: ASCII Armoring, Bastard Operator from Hell, Bash Bunny, Buried Treasure, Censys, Crack Root, Dancing Frog, Death Code, Demon Dialer, Disappearing Malware, Fileless Attack, Flytrap, Godzillagram, Heavy Wizardry, Internet of Shit (IoS), Joe-Job, Killer Poke, LAN Turtle, Leapfrog Attack, Malware-as-a-Service, Man-in-the-Browser Attack, Misfeature, Nested Control Loop, OOK, Patch Velocity, Perfect Forward Secrecy, Ping of Death Attack, PunkSPIDER, Rabbit Job, Rubber Ducky, Samurai, Tarball, Ten-Finger Interface, Tinkerbell Program, True-Hacker, Vadding, Voodoo Programming, Wall Follower, Wave a Dead Chicken, Whacker, Wi-Fi Pineapple, Wirehead, Yoyo Mode, Zbeba, Zipperhead, and ZoomEye.

Rather than repeat much of the jargon used by engineers and cybersecurity folks here, this book contains definitions not found in the Cybersecurity Lexicon. Otherwise, this book would be twice the number of pages. If you see a word that's unfamiliar, please refer to the Cybersecurity Lexicon.