Environmental Engineering Reference
In-Depth Information
of control systems increasingly make critical decisions that were once made
by humans, the potential effect of a cyber threat becomes more devastating.
Such cyber threats could come from numerous sources, ranging from hostile
governments and terrorist groups to disgruntled employees and other mali-
cious intruders. Based on interviews and discussions with representatives
throughout the electric power industry, the Information Assurance Task
Force of the National Security Telecommunications Advisory Committee
concluded that an organization with sufficient resources, such as a foreign
intelligence service or a well-supported terrorist group, could conduct a
structured attack on the electric power grid electronically, with a high degree
of anonymity and without having to set foot in the target nation.
In 2002, the National Infrastructure Protection Center (NIPC) reported
that the potential for compound cyber and physical attacks, referred to as
swarming attacks
, is an emerging threat to the U.S. critical infrastructure. As
NIPC reports, the effects of a swarming attack include slowing or complicat-
ing any response to the physical attack. An example would be a cyber attack
that disabled the water supply or the electrical system in conjunction with
a physical attack that denied emergency services the resources necessary to
manage the consequences, such as controlling fires, coordinating actions,
and generating light.
Control systems, such as SCADA, can be vulnerable to cyber attacks.
Entities or individuals with malicious intent might take one or more of the
following actions to successfully attack control systems:
• Disrupt the operation of control systems by delaying or blocking
the flow of information through control networks, thereby denying
availability of the networks to control system operations.
• Make unauthorized changes to programmed instructions in PLCs,
RTUs, or distributed control system (DCS) controllers; change alarm
thresholds; or issue unauthorized commands to control equipment,
which could potentially result in damage to equipment (if tolerances
are exceeded), premature shutdown of processes (such as prema-
turely shutting down transmission lines), or even disabling control
equipment.
• Send false information to control system operators either to disguise
unauthorized changes or to initiate inappropriate actions by system
operators.
• Modify control system software, producing unpredictable results.
• Interfere with the operation of safety systems.
In addition, in control systems that cover a wide geographic area, the remote
sites are often unstaffed and may not be physically monitored. If such remote
systems are physically breached, the attackers could establish a cyber con-
nection to the control network.
