Cyber-physical Attack Defenses: Weaponization Of The Internet
by Luis Ayala /
2017 / English / Kindle
2.4 MB Download
What is a cyber-physical attack?
A cyber-physical attack is one in which a wholly digital attack against Cyber-Physical Systems (CPS) caused physical destruction of equipment. A cyber-physical attack is different from an enterprise network attack designed to steal money, exfiltrate information, or hold a computer hostage for ransom. Those attacks are fairly simple and can be carried out by a cyber-criminal, or even a garden variety cracker.
Designing an attack scenario to exploit a particular physical process requires a solid engineering background and in-depth destructive knowledge of the target SCADA system (Cyber-Physical Attack Engineering), but a cracker doesn’t need an engineering background to figure out how to turn equipment off.
Basically, it's the weaponization of the Internet.
A typical Industrial Controls System contains multiple control loops and sometimes the control loops are nested and/or cascading, so the set point for one loop is based on the process variable output from another loop. Supervisory control loops and lower-level loops operate continuously over the duration of a process with cycle times of milliseconds. Interrupting one process can have a ripple effect through the factory.
So, what is the big deal?
On December 3 1984, in Bhopal, India there was an industrial accident at a pesticide plant that immediately killed at least 3,800 people and caused significant morbidity and premature death for many thousands more. That was only one incident with a release of only 40 tons of methyl isocyanate gas. Of course, this was an accident and not a cyber-physical attack, but it should give you an idea what could happen in a worst-case scenario.