Page 156 - Cyber Terrorism and Extremism as Threat to Critical Infrastructure Protection
P. 156

SECTION II:  CYBER TERRORISM AND SECURITY IMPLICATION FOR CRITICAL INFRASTRUCTURE PROTECTION

        During 2011, Canadian government reported a major cyberattack against its agencies, includ-
        ing Defence Research and Development Canada, a research agency for Canada’s Department
        of National Defense. The attack forced Canada’s main economic agencies, to disconnect from
        the internet. In July 2011, the US Deputy Secretary of Defense stated that a defence contrac-
        tor had been hacked and 24,000 files from the Department of Defense had been stolen. The
        Russian firm Kaspersky discovered a worldwide cyber attack dubbed “Red October”, during
        2012 which had been operating since at least 2007. The hackers gathered information through
        vulnerabilities in Microsoft’s Word and Excel programs. The primary targets of the attack
        appeared to be Eastern Europe, the former USSR and Central Asia, although Western Europe
        and North America also reported victims. The virus collected information from government
        Embassies, research firms, military installations, energy providers, nuclear power stations
        and other critical infrastructures. In 2013 the South Korean financial institutions came under
        cyber-attacks, when the Korean broadcaster YTN had their networks infected, in an incident
        said to resemble past cyber efforts by North Korea (Adair, 2009).



























        Figure 1: History of global cyber-attacks on critical infrastructure 1

        In a direct cyber-attack, ISIS’ attempted to hack US electrical power companies in October
        2015. In Europe, the most well-known event,  until recently was the Ukrainian power grid
        cyber-attack in December 2015, where attackers hacked the Ukrainian utilities’ networks,
        gained access and manually switched off power to 43 electrical substations. In December
        2016, Ukraine suffered another cyber-attack, this time it was fully automated, as hackers
        struck an electricity transmission station north of the city of Kiev, blacking out a portion
        of the Ukrainian capital equivalent to a fifth of its total power capacity (Ukrainian Ministry
        of Energy and Coal, January 2016. http://mpe.kmu.gov.ua/minugol/control/ publish/ article?
        artid= 245 082298).

        1  https:is5com.com/uncategorized/nov-22-2017-cyber-immunity-a-holistic-view-for-industrial-control-systems/







       156
   151   152   153   154   155   156   157   158   159   160   161