Possible ways of organizing attacks on cyber-physical systems

Cyber-physical attacks are a special category of cyberattacks that, whether intentionally or not, also negatively affect physical space by targeting the computing and communication infrastructure that allows people and systems to control and monitor sensors and actuators. Cyber-physical attacks are usually considered in connection with cyber-physical systems and the vulnerability of their computing and communication elements. For example, an attacker who takes control of the computing or communication components of water pumps, medical car implants, and gas pipeline valves could use them to interfere with physical space, damaging property or the environment, and putting lives at risk. As a result, security is widely regarded as one of the most important challenges in the design of reliable cyber-physical systems. In future work, the goal is to gain a deeper understanding of the threats faced by the infrastructure of cyber-physical systems, as well as to determine the likelihood and consequences of threats to cyber-physical systems.





Cyber security incident history

While the concept of a cyber-physical attack is not new, in recent years we have become so dependent on computer and network systems that such attacks are now considered a key threat to critical national infrastructures and a real threat to private cars, home automation devices, and even pacemakers. Cyber security incidents can be misconfiguration accidents or sheer bad luck, or they can be government-sponsored attacks with months of preparation.





The 1980s saw the widespread adoption of Supervisory Control and Data Acquisition (SCADA) systems. The production and supply of energy is controlled remotely and in a largely automated manner; as a result, a defect in the program code can actually affect power plants and pipelines.





. , Therac-25, 1980- , . , . . - , .





1994 , - . 5- , . , , - , - , , . , , , .





1998 , . , Digital loop carrier (DLC) . . , , DLC , . DLC , . . , - , , , 6 . - , .





1999 , , - SCADA, [1]. , . - . SCADA, . (RTU) , HMI . , . SCADA . , , , . SCADA, . , , . .





, , , . , , , , , . SCADA , . - , , - , . , , , , .





2000 , . . , 120 000 . 2000 SCADA- 880 142 , . , , . , , . , , , - . , , , -. , , , , .





, , . , , . , Maroochi SCADA. , , . SCADA . , . , , , , , SCADA. , , 2 , 800 000 , .





- 2008 . - , , , . , . - , .





-, , 2010 . , 60 , SCADA. , . , .





( , SCADA-), ( , ""), , , , ( , ).





SCADA , , , , , , , RTU. , , , RTU , ( , 1).





SCADA ( , 2), , . , COTS( ) ( , 1). , . ( 1) SCADA . , RTU - (HMI), ,





1  - SCADA





, , .





- , . IP-, , . . .





:





  • , ;





  • , , , ;





  • - , , .  





, .





- . , web-. , USB-, , ( dumpster diving). dumpster diving - , [2]. , .





. . , .





- . . , , , . Fishing.





Watering Hole - , - , - [3].  : , / , , .





, . Nmap [4], [5] Wireshark [6]. , , , ...





Google, , , Yahoo, Bing , . -, , , . , , Shodan.





­ Shodan ­ , ­­ ­­ ­ , ­­ ­. ­­ ­­ ­ ­ ­ ­­ ­ ­­ ­, ­ ­ ­ Shodan ­ ­­ ­, ­­ ­ . ­­ Shodan ­­ ­ ­ ­ . ­ ­ ­­­ ­ ­­ , ­, ­ ­ ­ ­­ ­­ ­ ­­ ­­ [7].





. , , .





(communication jamming)

, . , A B , A B . . . , , , . , , , . , . / . , , « ».





(command injection)

, . , , , . , .





(false data injection)

False data injection - , , . , , . , , , . , .





(man-in-the-middle)

. , , ( 2). , , . (ARP), ARP , , . , . , . , , . .





2 - "man-in-the-middle"





(replay attack)

, . , , , , . Stuxnet , . , , “close the valve,” “deliver insulin,” “unlock the door», , , . ; , . , , .





. , . . (, , ) , , .





/ (Code injection/firmware modification)

, , , .





, . - SQL-,  -, , . , SQL .





. .





(malware infection)

« » , , , , , , [8], , .





- -, , -. (, , , USB- . .).





, . , , , , . . (Stuxnet).





, . , , , , , .





( , . .) . ,





(botnet), . 10 000 , , - «DoS», 200 . [9]





- , , .





, Stuxnet , SCADA, , . , .





- , , , ​​ .





-    .





(denial of service)

, (DoS) - , . , , Shodan. () , , .





, , , .





2013 400 / . , , . , . , . .





DoS , . , , , . , .





, , , . , , .





GPS (GPS Jamming)

, GPS. , . GPS, : , GPS. , , , , GPS , .





(black hole)

. , , , , . , “ ”. , , , . “ ”. , SCADA, DNP3. - . - . - , . , , . : : , , .





(Rogue Node)

, , . . , , . , OBD ( ). - , . . - , , DoS, , , . .





(Network Isolation)

, . [10].  , - , , . “ ”, , . . , , . . , “ ”,





( 1). 2.





1 - SCADA













RTU/PLC /





, ,





RTU / PLC   SCADA





/ , , , , , , , / , ,





, SCADA





, ,





/ (, )





, ( )









,









- ( , SQL- . .),





2 -













Wi-Fi Wi-Fi





Wi-Fi , , , ,









,





Stuxnet

SCADA 1960- , . , Modbus, DNP3 , , . , , , . , . , SCADA - , , , SCADA - , , COTS . , .





, , Stuxnet , . , , Stuxnet , . Stuxnet, 2009 , ; . Stuxnet , , . , , .





, , , , . , . , , , .. , .





, , , , . , , , GPS, , .





, , . , ( 3) [11].





3 -













-





 





 









/ .





,





.





 





 





 





 





 









.





, .





 





 





 





 





 









. , . , .





, . , , . ( ) .









.





, , .





 





 





 





 









. .





. , .





 





 









, , .





- .





 





 





 









, , - .





, , .





 





 





 





 





 





 





 









, . -, , .





- , .





.





 





 









TPM .





TPM , . .





 





 





 









.





- , .





, , - . , , . , , . , , , , , . , - , , , , . .





, , , . , . , , , , .





1. [electronic resource] access mode: https://clck.ru/SbttK

2. Dumpster Diving - Security Through Education [electronic resource] access mode: https://clck.ru/Sc3FU

3. Security Strategies for Hindering Watering Hole Cyber Crime Attack - ScienceDirect [electronic resource] access mode: https://clck.ru/Sc3GR

4. Nmap: the Network Mapper - Free Security Scanner [electronic resource] access mode: https://nmap.org/

5. Tenable® - The Cyber Exposure Company [electronic resource] access mode: https://www.tenable.com

6. Wireshark • Go Deep. [electronic resource] access mode: https://www.wireshark.org/

7. Shodan. IoT — «» (xakep.ru) [electronic resource] access mode: https://xakep.ru/2015/11/25/shodan-howto/

8. Types of Malware | Internet Security Threats | Kaspersky [electronic resource] access mode: https://www.kaspersky.com.au/resource-center/threats/malware-classifications

9. Distributed Denial-of-Service, DDoS (denial of service) [electronic resource] access mode: https://clck.ru/Sc3L3

10. Shin, D. H., Koo, J., Yang, L., Lin, X., Bagchi, S., and Zhang, J. (2013). Low-complexity secure protocols to defend cyber-physical systems against network isolation attacks. In Conference on Communications and Network Security (CNS), pp. 91-99, IEEE, October 2013.

11. George Loukas. Cyber-physical attacks: a growing invisible threat. Butterworth-Heinemann (Elsevier), 2015.







