Protection of Critical Information Infrastructure
By:
Rinchon Sanghkro
Avibunno
Aakriti Shukla
Neha Agarwal
Vansheeka Saxena
Critical Information Infrastructure
• In general Critical Infrastructure (CI) can be defined as:
“those facilities, systems, or functions, whose incapacity or destruction
would cause a debilitating impact on national security, governance,
economy and social well-being of a nation.”
• Information Infrastructure is the term usually used to describe the totality
of inter-connected computers and networks, and information flowing
through them.
• Critical Information Infrastructure (CII) is the information and
communications technology infrastructure upon which the core
functionality of Critical Infrastructure depends.
• As per section 70 of IT Act 2000, CII is defined as:
“the computer resource, the incapacitation or destruction of which, shall
have a debilitating impact on national security, economy, public health or
safety.”
Critical Sectors
• Energy
• Transportation (air, surface, rail & water)
• Law enforcement, security & intelligence
• Sensitive Government organisations
• Banking & Finance
• Telecommunication
• Defense
• Space
• Public health
• Water supply
• Critical manufacturing
• E-governance
• Power generation
Characteristics of CII
1. Highly Complex
2. Interconnected
3. Interdependent
4. Distributed
Importance and management of CII
• Critical infrastructures play a vital role in today’s societies, enabling many of
the key functions and services upon which modern nations depend.
• From financial networks to emergency services, energy generation to water
supply, these infrastructures fundamentally impact and continually improve
our quality of life.
• Particularly vital in this regard are critical information infrastructures, those
vast and crosscutting networks that link and effectively enable the proper
functioning of other key infrastructures.
• The five basic steps that must be kept in mind are:
1. Determining risk management scope;
2. Identifying critical information infrastructure functions;
3. Analyzing critical function value chain and interdependencies;
4. Assessing critical function risk; and
5. Prioritizing and treating critical function risk.
National Critical Information Infrastructure Protection Centre (NCIIPC) - Origin
• In 2008, in recognition of the rise in cyber vulnerabilities, threats and
attacks, India’s Information Technology Act was amended.
• Section 70A was introduced, which laid down the mandate for the
creation of a new agency to protect sectors designated as CII.
• While those changes were made in 2008, the Gazette Notification by
the Government of India came only on January 16, 2014.
• Under section 70A(1) of the Information Technology (Amendment)
Act 2008, the Government of India has designated the ‘National Critical
Information Infrastructure Protection Centre’ (NCIIPC) as the
national nodal agency responsible for all measures, including research
and development, relating to the protection of CII.
NCIIPC is driven by
• its mission “To take all necessary measures to facilitate protection of Critical
Information Infrastructure from unauthorized access, modification, use,
disclosure, disruption, incapacitation or destruction through coherent
coordination, synergy and raising information security awareness among all
stakeholders” and
• a vision “to facilitate safe, secure and resilient Information Infrastructure for
Critical Sectors of the nation”.
The NCIIPC started off with several sectors,
but has now categorised them into five
broad areas that cover the ‘critical
sectors’. These are:
i. Power & Energy
ii. Banking, Financial Institutions &
Insurance
iii. Information and Communication
Technology
iv. Transportation
v. E-governance and Strategic Public
Enterprise
Guiding Principles
• Development of mechanisms to facilitate identification of CII in
conjunction with CI organizations.
• Protection of CII through a risk management approach.
• Ensuring compliance with NCIIPC policies, guidelines, advisories/
alerts etc. by CII.
• Develop capabilities for a real-time warning system and facilitate
sharing of information on emerging threats, cyber attacks,
vulnerabilities etc. with CIIs.
• Lead and coordinate national programs and policies on Critical
Information Infrastructure.
Guiding Principles
• Establish national and international linkages / initiatives
including R&D for the protection of CII.
• Promote indigenous Research and Development (R&D) relating to
protection of Critical Information Infrastructure.
• Develop mechanisms to facilitate sharing of information among
CII stakeholders as well as with NCIIPC.
• Facilitate thematic workshops and Information Security
Awareness and Training Programmes.
• Facilitate capacity building towards creation of highly skilled
manpower through engaging premier institutes like IISc, NITs etc.
as well as private/non-government partners working on CIIP.
• Establish Sectoral CERTs to deal with critical sector specific
issues.
[Diagram: NCIIPC critical controls - Planning control, Implementation control, Operational control, Disaster recovery, Reporting and accountability]
NCIIPC CRITICAL CONTROLS
Planning Controls
• Identification of CII
• Information Security Department (ISD)
• Vertical and Horizontal Interdependencies
• Information Security Policy
• Integration Control
• VTR Assessment and Mitigation Controls
• Security Certifications
• Physical Security Controls
Implementation Controls
• Asset and Inventory Control : To correlate and track all physical
and virtual assets owned by the CIIs.
• Access Control Policies : Role based approach should be
followed.
• Identification and Authentication Control : Providing unique
identity to all the users of the information.
• Physical and Environmental Security
• Testing and Evaluation of Hardware and Software :
Organizations need to be cautious about deploying possibly
contaminated hardware or software products, especially in CII.
After procurement and before deployment of hardware there
should be in-depth testing and evaluation of systems.
Operational Controls
• Data storage: Hashing and Encryption
• Data Loss Prevention
• Penetration Testing
• Training, Awareness and Skill up-gradation
• Incident Management – Response
• Critical Information Disposal and Transfer
• Network Device Protection
• APT protection
Disaster Recovery/Business Continuity Planning (BCP) Controls
• Contingency Planning
• Data Back-up and Recovery Plan
• Hot disaster recovery site
• Warm disaster recovery site
• Cold disaster recovery site
The entire aim of the contingency planning is to reduce the impact of the
disaster or any major CII outage to the minimum.
Reporting and Accountability Controls
• Reporting to Govt. Agencies
• Periodic Audit
Threats to Critical Information Infrastructure
• Vulnerabilities are gaps/weaknesses in systems that allow an
attacker to reduce the system's information assurance.
• Threats are actors / actions targeting the vulnerabilities in a
system.
• Risks are the possibilities that a particular threat will successfully
exploit a vulnerability, and the resultant impact of that exploitation
on the information assurance of the system.
Critical Information and threat
• The threat actors exploit the underlying vulnerabilities within the
application software, control systems software, hardware or even the
people to get access to the desired location in the network.
• Once the network—enterprise or control system network—is breached, they
can execute commands, steal sensitive information such as design or
configuration or corrupt the information flowing to the interfaces.
• Threat actors have their own set of motivational factors, varying from
political to security or monetary gains to rivalry or competition.
• There are myriad malicious actors, varying from insiders (in the form of
disgruntled employees or compromised/socially engineered
employees), economic, military or adversary nation states, criminal
syndicates to terrorist
TYPES OF THREATS
Threats to critical infrastructure can be broadly classified into
three categories:
1. Natural threats include weather problems in both hot and
cold climates and also geological hazards like earthquakes,
tsunamis, land shifting etc.
2. Accidental threats arise from failures, errors and
miscalculations.
3. Human threats include all the attempts made by
malicious actors to gain access to the system with the
intent of causing harm or damage. They can be classified
into Insider, Outsider and Collusion.
Human Threats
• Insider : An insider could be a person (employee, partner, contractor or
vendor) within the organization, having authorization or legitimate
access to the asset where the attack has been executed. Generally,
insiders possess the requisite information, credentials or security
clearances pivotal to perpetrating an attack. There are different
motivational factors, varying from monetary gain to disgruntlement and
jealousy to vengeance.
• Outsider : An outsider, as an adversary, is external to the organization
and therefore does not have the authorization or legitimate access to the
targeted asset. The list of motivational factors is quite wide, as it could
vary from acts of terrorism to crime and hacktivism to professional
services.
• Collusion : Collusion happens when an outsider partners with an
insider to perpetrate an attack. In order to gain easy and definite
access, adversaries are generally in quest of vulnerable insiders, and they
exploit these insiders to their own advantage. However, the insider
might sometimes unconsciously pass on certain information to the
adversary.
Threat Vector To Critical Information Infrastructure
A threat vector is a path or a tool that a threat actor
uses to attack the target. It can be:
• Malware
• Email attachment
• Removable drives
• Web application attack
• Social Network
• DDOS
• Social Engineering
• Mobile phones
Objectives, Motivations and Characteristics of Cyber-attacks
ATTACK SURFACE AND THREAT VECTORING
• An attack is fundamentally the convergence of vulnerability, accessibility of the
system and capability of the adversary
• An attack surface is an aggregate of all the points of entry for a potential
attacker, and these points are spread across the network, the software or the
applications, through physical means of entry and it also includes the human
beings. These points of entry let the attacker send data to the target or extract
data from the target.
• Network attack surface originates from the exposed constituents of
networking technology, such as the protocols, the ports and communication
channels; the devices in form of routers, firewalls or mobile phones; and the
network applications such as cloud-based services and firmware interfaces with
external systems.
• Software attack surface is calculated across the programmed code an
organization executes in totality and these include the applications, different
email services, configurations, databases, executables, Web applications,
mobile applications and operating systems, covering the interfaces, services,
protocols and practices available to all users, particularly the components
accessible to unauthenticated users.
• Human attack surface considers the wide spectrum of vulnerabilities
within the human beings, which could compromise sensitive information
leading to an easy way into the secured systems. These considerations are as
diverse as social engineering attacks, inadvertent errors, malicious insiders,
death, disease or disability of human resources.
• A thorough attack surface analysis is a vital input to the process of setting up
defensive mechanisms such as firewalls, intrusion prevention systems, intrusion
detection systems, data policy and other security measures. Despite defences,
attacks do take place; and for an attack to succeed, the attacker adopts a path or
means to gain access to the target and deliver the malicious code, known as the
attack vector.
• Common attack vectors are Web application attacks, client side attacks,
network attacks, attacks using malware, DoS/DDoS attacks, social engineering
or spear phishing attacks, man-in-the-middle attack or interception of
communication channel, targeted attacks by evading/bypassing perimeter
protection devices, etc.
Strategies followed by Attackers to exploit Safety Instrumented System (SIS)
• Attackers have now moved beyond reconnaissance and are leveraging
their acquired knowledge of control networks to interrupt production
and create safety incidents. They are targeting systems which are
critical for national security, the economy and the health of citizens.
• Cyber terrorists could do tremendous damage if they wanted to,
ranging from taking control of water treatment facilities to shutting
down power generation plants to causing havoc with air traffic control
systems and all of these systems are extremely vulnerable to attack.
• Malicious actors have been penetrating the computer networks of
companies that operate nuclear power stations, other energy facilities,
and manufacturing plants. The threat is growing exponentially and
could easily spin out of control. The malware referred to as Triton is
significant for CIIs because it is not only part of an
increasing focus of attacks on industrial control systems (ICSs), but it
is also the first to directly target a safety instrumented system (SIS).
RECENT CASE STUDIES
• Venezuela Decries Attack On Critical Infrastructure (3rd Apr, 19)
• Iran Conducted Cyber Attacks On UK Infrastructure – Report (Dec, 18)
• Hexion, Momentive and Norsk Hydro all hit by ransomware
cyber attacks (March, 19)
• Hackers beat university cyber-defences in two hours (4th April, 19)

chemical bonding Essentials of Physical Chemistry2.pdf
 
Human & Veterinary Respiratory Physilogy_DR.E.Muralinath_Associate Professor....
Human & Veterinary Respiratory Physilogy_DR.E.Muralinath_Associate Professor....Human & Veterinary Respiratory Physilogy_DR.E.Muralinath_Associate Professor....
Human & Veterinary Respiratory Physilogy_DR.E.Muralinath_Associate Professor....
 
Pulmonary drug delivery system M.pharm -2nd sem P'ceutics
Pulmonary drug delivery system M.pharm -2nd sem P'ceuticsPulmonary drug delivery system M.pharm -2nd sem P'ceutics
Pulmonary drug delivery system M.pharm -2nd sem P'ceutics
 
Dubai Call Girls Beauty Face Teen O525547819 Call Girls Dubai Young
Dubai Call Girls Beauty Face Teen O525547819 Call Girls Dubai YoungDubai Call Girls Beauty Face Teen O525547819 Call Girls Dubai Young
Dubai Call Girls Beauty Face Teen O525547819 Call Girls Dubai Young
 
GBSN - Microbiology (Unit 3)
GBSN - Microbiology (Unit 3)GBSN - Microbiology (Unit 3)
GBSN - Microbiology (Unit 3)
 
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 bAsymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
 
Conjugation, transduction and transformation
Conjugation, transduction and transformationConjugation, transduction and transformation
Conjugation, transduction and transformation
 
High Profile 🔝 8250077686 📞 Call Girls Service in GTB Nagar🍑
High Profile 🔝 8250077686 📞 Call Girls Service in GTB Nagar🍑High Profile 🔝 8250077686 📞 Call Girls Service in GTB Nagar🍑
High Profile 🔝 8250077686 📞 Call Girls Service in GTB Nagar🍑
 
GBSN - Biochemistry (Unit 1)
GBSN - Biochemistry (Unit 1)GBSN - Biochemistry (Unit 1)
GBSN - Biochemistry (Unit 1)
 
9654467111 Call Girls In Raj Nagar Delhi Short 1500 Night 6000
9654467111 Call Girls In Raj Nagar Delhi Short 1500 Night 60009654467111 Call Girls In Raj Nagar Delhi Short 1500 Night 6000
9654467111 Call Girls In Raj Nagar Delhi Short 1500 Night 6000
 
The Mariana Trench remarkable geological features on Earth.pptx
The Mariana Trench remarkable geological features on Earth.pptxThe Mariana Trench remarkable geological features on Earth.pptx
The Mariana Trench remarkable geological features on Earth.pptx
 
Sector 62, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 62, Noida Call girls :8448380779 Model Escorts | 100% verifiedSector 62, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 62, Noida Call girls :8448380779 Model Escorts | 100% verified
 
Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...
Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...
Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...
 
GBSN - Microbiology (Unit 1)
GBSN - Microbiology (Unit 1)GBSN - Microbiology (Unit 1)
GBSN - Microbiology (Unit 1)
 
Thyroid Physiology_Dr.E. Muralinath_ Associate Professor
Thyroid Physiology_Dr.E. Muralinath_ Associate ProfessorThyroid Physiology_Dr.E. Muralinath_ Associate Professor
Thyroid Physiology_Dr.E. Muralinath_ Associate Professor
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
SAMASTIPUR CALL GIRL 7857803690 LOW PRICE ESCORT SERVICE
SAMASTIPUR CALL GIRL 7857803690  LOW PRICE  ESCORT SERVICESAMASTIPUR CALL GIRL 7857803690  LOW PRICE  ESCORT SERVICE
SAMASTIPUR CALL GIRL 7857803690 LOW PRICE ESCORT SERVICE
 

Protection of critical information infrastructure

  • 1. Protection of Critical Information Infrastructure By: Rinchon Sanghkro Avibunno Aakriti Shukla Neha Agarwal Vansheeka Saxena
  • 2. Critical Information Infrastructure • In general Critical Infrastructure (CI) can be defined as: “those facilities, systems, or functions, whose incapacity or destruction would cause a debilitating impact on national security, governance, economy and social well-being of a nation.” • Information Infrastructure is the term usually used to describe the totality of inter-connected computers and networks, and information flowing through them. • Critical Information Infrastructure (CII) are those information and communications technology infrastructure upon which the core functionality of Critical Infrastructure is dependent. • As per section 70 of IT Act 2000, CII is defined as: “the computer resource, the incapacitation or destruction of which, shall have a debilitating impact on national security, economy, public health or safety.”
  • 3. Critical Sectors • Energy • Transportation (air, surface, rail & water) • Law enforcement, security & intelligence • Sensitive Government organisations • Banking & Finance • Telecommunication • Defense • Space • Public health • Water supply • Critical manufacturing • E-governance • Power generation
  • 4. Characteristics of CII 1. Highly Complex 2. Interconnected 3. Interdependent 4. Distributed
  • 5. Importance and management of CII • Critical infrastructures play a vital role in today’s societies, enabling many of the key functions and services upon which modern nations depend. • From financial networks to emergency services, energy generation to water supply, these infrastructures fundamentally impact and continually improve our quality of life. • Particularly vital in this regard are critical information infrastructures, those vast and crosscutting networks that link and effectively enable the proper functioning of other key infrastructures. • The five basic steps that must be kept in mind are: 1. Determining risk management scope; 2. Identifying critical information infrastructure functions; 3. Analyzing critical function value chain and interdependencies; 4. Assessing critical function risk; and 5. Prioritizing and treating critical function risk.
  • 6. National Critical Information Infrastructure Protection Centre (NCIIPC) - Origin • In 2008, in recognition of the rise in cyber vulnerabilities, threats and attacks, India’s Information Technology Act was amended. • Section 70A was introduced, which laid down the mandate for the creation of a new agency to protect sectors designated as CII. • While those changes were made in 2008, the Gazette Notification by the Government of India came, however, only on January 16, 2014. • Under section 70A(1) of the Information Technology (Amendment) Act 2008, the Government of India has designated the ‘National Critical Information Infrastructure Protection Centre’ (NCIIPC) as the national nodal agency responsible for all measures, including research and development, relating to the protection of CII.
  • 7. NCIIPC is driven by • its mission “To take all necessary measures to facilitate protection of Critical Information Infrastructure from unauthorized access, modification, use, disclosure, disruption, incapacitation or destruction through coherent coordination, synergy and raising information security awareness among all stakeholders” and • a vision “to facilitate safe, secure and resilient Information Infrastructure for Critical Sectors of the nation”. The NCIIPC started off with several sectors, but has now categorised them into five broad areas that cover the ‘critical sectors’. These are: i. Power & Energy ii. Banking, Financial Institutions & Insurance iii. Information and Communication Technology iv. Transportation v. E-governance and Strategic Public Enterprise
  • 8. Guiding Principles • Development of mechanisms to facilitate identification of CII in conjunction with CI organizations. • Protection of CII through a risk management approach. • Ensuring compliance with NCIIPC policies, guidelines, advisories/alerts etc. by CII. • Develop capabilities for a real-time warning system and facilitate sharing of information on emerging threats, cyber attacks, vulnerabilities etc. with CIIs. • Lead and coordinate national programs and policies on Critical Information Infrastructure.
  • 9. Guiding Principles • Establish national and international linkages/initiatives, including R&D, for the protection of CII. • Promote indigenous Research and Development (R&D) relating to protection of Critical Information Infrastructure. • Develop mechanisms to facilitate sharing of information among CII stakeholders as well as with NCIIPC. • Facilitate thematic workshops and Information Security Awareness and Training Programme. • Facilitate capacity building towards creation of highly skilled manpower through engaging premier institutes like IISc, NITs etc. as well as private/non-government partners working on CIIP. • Establish Sectoral CERTs to deal with critical sector specific issues.
  • 11. Planning Controls • Identification of CII • Information Security Department (ISD) • Vertical and Horizontal Interdependencies • Information Security Policy • Integration Control • VTR Assessment and Mitigation Controls • Security Certifications • Physical Security Controls
  • 12. Implementation Controls • Asset and Inventory Control: To correlate and track all physical and virtual assets owned by the CIIs. • Access Control Policies: A role-based approach should be followed. • Identification and Authentication Control: Providing a unique identity to all the users of the information. • Physical and Environmental Security • Testing and Evaluation of Hardware and Software: Organizations need to be cautious in deploying possibly contaminated hardware or software products, especially in CII. After procurement and before deployment of hardware there should be in-depth testing and evaluation of systems.
  • 13. Operational Controls • Data storage: Hashing and Encryption • Data Loss Prevention • Penetration Testing • Training, Awareness and Skill up-gradation • Incident Management – Response • Critical Information Disposal and Transfer • Network Device Protection • APT protection
  • 14. Disaster Recovery/Business Continuity Planning (BCP) Controls • Contingency Planning • Data Back-up and Recovery Plan • Hot disaster recovery site • Warm disaster recovery site • Cold disaster recovery site. The entire aim of contingency planning is to reduce the impact of a disaster or any major CII outage to the minimum.
  • 15. Reporting and Accountability Controls • Reporting to Govt. Agencies • Periodic Audit
  • 16. Threats to Critical Information Infrastructure • Vulnerabilities are gaps/weaknesses in systems that allow an attacker to reduce the system's information assurance. • Threats are actors/actions targeting the vulnerabilities in a system. • Risks are the possibilities that a particular threat will successfully exploit a vulnerability and the resultant impact of that exploitation on the information assurance of the system.
  • 17. Critical Information and threat • The threat actors exploit the underlying vulnerabilities within the application software, control systems software, hardware or even the people to get access to the desired location in the network. • Once the network—enterprise or control system network—is breached, they can execute commands, steal sensitive information such as design or configuration or corrupt the information flowing to the interfaces. • Threat actors have their own set of motivational factors, varying from political to security or monetary gains to rivalry or competition. • There are myriad malicious actors, varying from insiders (in the form of disgruntled employees or compromised/socially engineered employees), economic, military or adversary nation states, criminal syndicates to terrorist
  • 18. TYPES OF THREATS Threats to critical infrastructure can be broadly classified into three categories: 1. Natural threats include weather problems in both hot and cold climates and also geological hazards like earthquakes, tsunamis, land shifting etc. 2. Accidental threats arise from failures, errors and miscalculation. 3. Human threats include all the attempts made by malicious actors to gain access to the system with the intent of causing harm or damage. They can be classified into Insider, Outsider and Collusion.
  • 19. Human Threats • Insider: An insider could be a person (employee, partner, contractor or vendor) within the organization, having authorization or legitimate access to the asset where the attack has been executed. Generally, insiders possess the requisite information, credentials or security clearances pivotal to perpetrate an attack. There are different motivational factors, varying from monetary gain to disgruntlement and jealousy to vengeance. • Outsider: An outsider, as an adversary, is external to the organization and therefore does not have the authorization or legitimate access to the targeted asset. The list of motivational factors is quite wide, as it could vary from acts of terrorism to crime and hacktivism to professional services. • In collusion: Collusion happens when an outsider partners with an insider to perpetrate an attack. In order to gain easy and definite access, adversaries are generally in quest of vulnerable insiders, then they exploit these insiders to their own advantage. However, the insider might sometimes unconsciously pass on certain information to the adversary.
  • 20. Threat Vector To Critical Information Infrastructure A threat vector is a path or a tool that a threat actor uses to attack the target. They can be • Malware • Email attachment • Removable drives • Web application attack • Social Network • DDoS • Social Engineering • Mobile phones
  • 22. ATTACK SURFACE AND THREAT VECTORING • An attack is fundamentally the convergence of vulnerability, accessibility of the system and capability of the adversary. • An attack surface is an aggregate of all the points of entry for a potential attacker. These points are spread across the network, the software or the applications, and physical means of entry, and they also include human beings. These points of entry let the attacker send data to the target or extract data from the target. • Network attack surface originates from the exposed constituents of networking technology, such as the protocols, the ports and communication channels; the devices in the form of routers, firewalls or mobile phones; and the network applications such as cloud-based services and firmware interfaces with external systems. • Software attack surface is calculated across the programmed code an organization executes in totality. This includes the applications, different email services, configurations, databases, executables, Web applications, mobile applications and operating systems, covering the interfaces, services, protocols and practices available to all users, particularly the components accessible to unauthenticated users.
  • 23. • Human attack surface considers the wide spectrum of vulnerabilities within human beings, which could compromise sensitive information, leading to an easy way into the secured systems. These considerations are as diverse as social engineering attacks, inadvertent errors, malicious insiders, death, disease or disability of human resources. • A thorough attack surface analysis is a vital input to the process of setting up defensive mechanisms such as firewalls, intrusion prevention systems, intrusion detection systems, data policy and other security measures. Despite defences, attacks do take place; and for an attack to succeed, the attacker adopts a path or means to gain access to the target and deliver the malicious code, known as an attack vector. • Common attack vectors are Web application attacks, client-side attacks, network attacks, attacks using malware, DoS/DDoS attacks, social engineering or spear phishing attacks, man-in-the-middle attacks or interception of the communication channel, targeted attacks that evade or bypass perimeter protection devices, etc.
  • 24. Strategies followed by Attackers to exploit Safety Instrumented System (SIS) • Attackers have now moved beyond reconnaissance and are leveraging their acquired knowledge of control networks to interrupt production and create safety incidents. They are targeting systems which are critical for national security, the economy and the health of citizens. • Cyber terrorists could do tremendous damage if they wanted to, ranging from taking control of water treatment facilities to shutting down power generation plants to causing havoc with air traffic control systems, and all of these systems are extremely vulnerable to attack. • Malicious actors have been penetrating the computer networks of companies that operate nuclear power stations, other energy facilities, and manufacturing plants. The threat is growing exponentially and could easily spin out of control. The malware referred to as Triton is significant for its impact on CIIs because it is not only part of an increasing focus of attacks on industrial control systems (ICSs), but it is the first to directly target a safety instrumented system (SIS).
  • 25. RECENT CASE STUDIES • Venezuela Decries Attack On Critical Infrastructure (3rd April 2019) • Iran Conducted Cyber Attacks On UK Infrastructure – Report (December 2018) • Hexion, Momentive and Norsk Hydro all hit by ransomware cyber attacks (March 2019) • Hackers beat university cyber-defences in two hours (4th April 2019)