Book Image

Critical Infrastructure Security

By : Soledad Antelada Toledano
Book Image

Critical Infrastructure Security

By: Soledad Antelada Toledano

Overview of this book

Discover the core of cybersecurity through gripping real-world accounts of the most common assaults on critical infrastructure – the body of vital systems, networks, and assets so essential that their continued operation is required to ensure the security of a nation, its economy, and the public’s health and safety – with this guide to understanding cybersecurity principles. From an introduction to critical infrastructure and cybersecurity concepts to the most common types of attacks, this book takes you through the life cycle of a vulnerability and how to assess and manage it. You’ll study real-world cybersecurity breaches, each incident providing insights into the principles and practical lessons for cyber defenders striving to prevent future breaches. From DDoS to APTs, the book examines how each threat activates, operates, and succeeds. Additionally, you’ll analyze the risks posed by computational paradigms, such as the advancement of AI and quantum computing, to legacy infrastructure. By the end of this book, you’ll be able to identify key cybersecurity principles that can help mitigate evolving attacks to critical infrastructure.
Table of Contents (16 chapters)
1
Part 1: Introduction to Critical Infrastructure and Cybersecurity Concepts
5
Part 2: Dissecting Cyberattacks on CI
8
Part 3: Protecting Critical Infrastructure
12
Part 4: What’s Next

Stuxnet attack on Iran’s nuclear program (2010)

Stuxnet is a sophisticated worm that emerged in 2010 and is widely believed to be a collaborative effort between multiple nations. Its primary objective was to sabotage Iran’s nuclear enrichment program, specifically targeting the centrifuges used to enrich uranium.

Stuxnet specifically targeted Supervisory Control and Data Acquisition (SCADA) systems, more specifically the Siemens Step7 software, which is used to program Industrial Control Systems (ICS), including Programmable Logic Controllers (PLCs). The PLCs control the actual machinery in an industrial environment, such as the centrifuges in Iran’s nuclear facilities, which Stuxnet targeted.

Stuxnet employed a multi-stage attack process that combined multiple techniques to infiltrate and manipulate ICS. The target was the Siemens SCADA systems used to control the centrifuges at Iran’s Natanz uranium enrichment facility.

This is how the attack...