Instructions
Security Frameworks
In this week's assignment we are going to look at the various security frameworks in use today in cybersecurity. You will need to take your organization's security framework policies from the ISSC479 Week 3 assignment and compare them to the security framework policies for a general computer company.
Assignment Guidelines
Step 1: Obviously, our first step is to locate a security framework policy that is publicly available.
Step 2: Once you have completed your research and found a policy to match up, you will begin the process of comparing and contrasting the two security framework policies.
Step 3: Once you have gathered up all the information from your comparing and contrasting, you will want to put together a list of the differences and describe why these differences exist. Finally, you will also want to do an additional 1-2 pages of discussion on whether you think that the security framework and the policies derived from it in ICS and SCADA are truly secure or does the industry need to do more to increase security?
Power Grid Attack
Cristian DeWeese
American Military University
ISSC480
06/22/2024
Introduction
In the past few years, cyber attacks on key infrastructure have increasingly become a major concern globally. One of the most important events happened in Ukraine, where attacks on its power grid in 2015 and the following years illustrated vulnerabilities in ICS (Industrial Control Systems) and SCADA (Supervisory Control and Data Acquisition) (Guchua et al., 2022). This analysis provides an in-depth look at the details of these attacks, the lessons learned from them, and suggestions for the US going forward.
Event Timeline and Effect
1. December 2015 Attack: In December 2015, regions of Ukraine faced a large-scale power blackout, and investigations explained that sophisticated malware, currently identified as BlackEnergy, was employed to attack the SCADA systems of several Ukrainian power administration grids and firms. The attack was initiated with a spoofing effort that targeted workers of these stations, for the purpose of installing the malware on key systems. With this installation, the intruders gained full control over critical elements of the power grid system. Nearly 224,000 clients were left without power for many hours because of this breach.
2. December 2016 Attack: In December 2016, the country witnessed another wave of cyber attacks on its critical power grid, and this time the intruders used a form of the CrashOverride malware, which was specially designed to affect key SCADA systems (Majchrzak et al., 2021). The malware caused several disruptions around Kiev by focusing on the infrastructure used for the transmission of electricity. Even though fewer customers were directly impacted by the attack than in 2015, it nevertheless demonstrated the tenacity and developing skills of threat actors that target vital infrastructure.
Step 1: Investigating the Attacks on the Ukrainian Power Grid
The Ukrainian Power Grid attacks, specifically those in 2015 and 2016, were well-executed cyber operations that resulted in widespread and extensive power interruptions striking millions of people and their work. The attackers used several techniques and strategies, such as organized physical infrastructure attacks and malware injections. While acknowledging that cyber strikes can be difficult to trace, several security experts and administrative hubs have indicated Russian state-financed teams as the possible perpetrators (Guchua et al., 2022). The cyber strikes targeted many important features of the Ukrainian power grid, such as:
1. Physical Attacks: In certain events, the invaders physically harmed Ukrainian infrastructure, for example, sub-stations, in order to increase the overall impact of the cyber breaches.
2. Malware Deployment: Invaders deployed malware, for example, Industroyer (also known as CrashOverride) and BlackEnergy, explicitly used to disrupt industrial control systems and infrastructure.
3. Spoofing and Spear-Spoofing: Early infection attempts included spoofing emails and some targeted spear-spoofing attacks specifically aimed at gaining access to key systems of the power grid in order to further attack the other systems (Guchua et al., 2022).
Step 2: Breakdown of the Basic Attacks and Lessons Learned
Kinds of Cyber Attacks:
· Spoofing and Spear-Spoofing: The attackers used several social engineering strategies in order to gain early access to critical systems of the power grid. This underlines the significance of worker training and robust email safety protocols to prevent unapproved access.
· Malware Attacks: The employment of malware like CrashOverride and BlackEnergy exposed vulnerabilities in the ICS and SCADA systems that command the entire power station and grid (Prisecaru, 2022). These malware families were capable of controlling key infrastructure procedures, leading to operational disruptions and blackouts.
· Physical Infrastructure Attacks: Planned physical strikes on key components and sub-stations of the power grid illustrated a multi-directional strategy to disrupt routine operations, combining physical and cyber components for the greatest impact and damage.
Lessons Learned:
· Key Infrastructure and Systems Protection: The Ukrainian case highlights a growing need for global standards as well as collaboration to protect key systems and infrastructure from cyber breaches. This includes data sharing, combined operations, and the creation of powerful systems and infrastructure.
· Significance of Protection and Security in Detail: This case also highlights the need for multi-dimensional security rules and protocols, covering intrusion detection systems (IDS), network partitioning, and some daily security checks in order to detect and stop violations and breaches (Gjesvik & Szulecki, 2023).
· Protecting Supply Networks: Establishing the safety of supply networks and third-party dealers is necessary. Several attacks and breaches exploit vulnerabilities in suppliers' infrastructures in order to gain full access to larger chains. Moreover, it is essential to create and test incident response plans that are especially suited to SCADA and ICS environments. Cyber incidents can be reduced in both time and impact by having rapid reaction capabilities.
· Improved Situational Awareness: Another important lesson learned from this case is that early and fast detection and response systems are important. Enhancing tracking abilities and building robust event response standards can also minimize the overall impact of cyber breaches.
· Because cyber dangers are inherently transnational, it is crucial to promote international collaboration and information exchange in order to identify the source of attacks, take appropriate action, and prevent such situations in the future (Gjesvik & Szulecki, 2023).
Possibility of Similar Cyber Attacks on the US:
Evaluating the possibility of similar cyber attacks damaging the US systems mainly covers forecasting the relative preparedness and vulnerabilities of its infrastructure and power grid:
· Vulnerabilities: Like Ukraine, the United States depends mainly on ICS and SCADA systems to control its power stations. These networks and structures are interconnected and, in several cases, not properly protected against planned cyber attacks.
· Attack Refinement: The strategies and tools used in the Ukrainian attacks are not distinctive and could be reproduced by well-established state and non-state actors against US systems.
· Motivations: Strategic interests and international-relations tensions could motivate opponents of the US to attack key systems and infrastructure in the US, related to the aims behind the attacks on the Ukrainian power grid.
· Preparedness: In recent months the United States has made huge developments in improving cyber security plans for key infrastructure, with the help of agencies like the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Homeland Security (DHS). Still, issues remain, specifically in protecting bestowal structures and verifying compliance across multiple categories of stakeholders.
Step 3: Describing Events and Threat Possibility towards US Incident Analysis
The attacks on the Ukrainian Power Grid serve as a sobering reminder of the weaknesses present in contemporary critical infrastructure systems (Willett, 2023). The events brought to light not just technological flaws but also the necessity of all-encompassing security plans that take into account human, physical, and cyber aspects.
Threat Possibility to US:
Evaluating the threat to the US covers considering many elements:
1. Cyber Capacity: Opponents with modern cyber powers, similar to those used in the Ukrainian power grid attacks, could possibly attack US systems. The interlinked chain of structures and dependence on digital systems and operations offer directions for manipulation and misuse.
2. International Relations Context: Conflicts among nation-regions could intensify cyber procedures against key systems as a means of destabilization or coercion.
3. Area-specific Sensitivities: Many areas or departments within the United States' key infrastructure, for example finance, energy, and transportation, experience diverse levels of cyber threat. Given their crucial role in maintaining both economic stability and national security, power grids in particular are a prime target (Eichensehr, 2022).
4. Response and Flexibility: The government of the US has invested in improving cyber security and flexibility measures. Still, the evolving nature of cyber attacks requires continuing preparedness and adaptation.
Mitigation Methods:
In order to diminish the threat of similar breaches in the United States, some methods can be considered:
1. Improved or Up-to-date Cyber Security Measures: Executing and applying powerful cyber security measures across key infrastructure areas can raise the overall security posture and flexibility.
2. Investing in Technology and Training: Defenses can be strengthened by ongoing investment in cutting-edge technology, such as AI-driven threat detection and secure-by-design guidelines for new infrastructure, together with frequent staff training and awareness campaigns.
3. Global Cooperation: In order to build combined security and defense against international cyber attacks, the US administration should promote and advance global cooperation on cyber security norms, data sharing, and combined efforts.
4. Legislative & Regulative Measures: To mandate and incentivize cyber security practices across public and private departments, the administration should approve robust policies that also ensure accountability and compliance.
Conclusion
In summary, an important case study for comprehending the weaknesses and ramifications of cyber threats to vital infrastructure is the attack on the Ukrainian Power Grid. Through an analysis of these events, a determination of the lessons learned, and a threat landscape assessment, stakeholders can enhance their readiness to counter and mitigate comparable threats. The United States needs to keep improving its cyber security policies and working with other countries to protect its vital infrastructure from increasingly skilled cyber criminals. Other nations can also reduce the effects of cyber-attacks and guarantee the dependability and security of vital services for their population by taking preventative action and building up their collective resilience.
References
Majchrzak, D., Michalski, K., & Reginia-Zacharski, J. (2021). Readiness of the Polish crisis management system to respond to long-term, large-scale power shortages and failures (blackouts). Energies, 14(24), 8286. https://doi.org/10.3390/en14248286
Prisecaru, P. (2022). The War in Ukraine and the Overhaul of EU Energy Security. Global Economic Observer, 10(1). http://www.globeco.ro/wp-content/uploads/vol/GEO_Vol_10_No_1.pdf#page=16
Gjesvik, L., & Szulecki, K. (2023). Interpreting cyber-energy-security events: experts, social imaginaries, and policy discourses around the 2016 Ukraine blackout. European Security, 32(1), 104-124. https://doi.org/10.1080/09662839.2022.2082838
Willett, M. (2023). The cyber dimension of the Russia–Ukraine War. In Survival: October-November 2022 (pp. 7-26). Routledge. 9781003422211
Eichensehr, K. E. (2022). Ukraine, cyberattacks, and the lessons for international law. https://www.cambridge.org/core/journals/american-journal-of-international-law/article/ukraine-cyberattacks-and-the-lessons-for-international-law/69B36016B06998BCE1EC67C757CDF34D
Guchua, A., Zedelashvili, T., & Giorgadze, G. (2022). Geopolitics of the Russia-Ukraine War and Russian cyber attacks on Ukraine-Georgia and expected threats. Ukrainian Policymaker, 10(1), 26-36. https://www.ceeol.com/search/article-detail?id=1054174