Cyber-kinetic attack
Overview
A cyber-kinetic attack targets cyber-physical systems and causes direct or indirect physical damage, injury or death, or environmental impact solely through the exploitation of vulnerable information systems and processes.[1] Notable attacks in this category in the recent past have targeted critical infrastructure facilities such as water treatment plants,[2] nuclear power plants,[3] oil refineries,[4] and medical facilities.[5] According to the United States Department of Homeland Security, the most significant cyber security threats to the United States are those targeted at the nation's critical infrastructure and sponsored by criminal organizations that are sponsored by other nation-states.[6]
Crossing the cyber-physical divide
[edit]In the early days of computing, security threats were typically limited attacks that caused destruction of data, or degraded access to computing systems or hardware. However, the last several decades have seen technologies—ranging from supervisory control and data acquisition (SCADA) to Internet of Things—which describe objects embedded with sensors and software and utilize the Internet to exchange data.
Such a system is termed as a Cyber-physical system. Such systems cross the traditional divide between purely in-computer systems (software) and real-life systems (physical systems), with algorithms being autonomously able to control physical systems.
One of the most notably cyber-attacks that had a physical impact, causing significant degradation of a target system, were the Stuxnet and Aurora worms. The Stuxnet worm was first revealed in 2010 and specially targeted weaknesses in Programmable Logic Controllers (PLCs), devices in the SCADA category of systems. Though it was never positivity attributed, it is widely believed that the malicious software was developed jointly by the United States and Israel to disrupt the Iranian nuclear enrichment facility at Natanz. It has also been reported that Stuxnet and associated variants have infected more than 30,000 systems and had a lasting presence which was extremely difficult to eradicate and purify.[7] Both malicious programs exploited Zero-Day attacks on Windows-based operating systems.[8]
As computing crosses the cyber-physical barrier, there is significant effort spent on 'smart' systems, for instance smart cities, smart homes, smart manufacturing and smart vehicles. In the context of cybersecurity, new threats are emerging that target these smart systems. The timeline of cyber-kinetic attacks attests incidents from as early as 1982. Such attacks on information systems that can have physical world impacts are a complete shift in paradigms within the cyber security community, though not unheard of. Many SCADA systems have been fielded up to 20 years ago have very little in the way of modern security protections that are instrumented.
These types of attacks have the potential to bring a new dynamic forward in the concept of cyber warfare and the potential impact on electrical systems, financial systems, critical infrastructure, and communication systems. Though, in reality, these types of attacks may have a closer relation to espionage or idealistically driven attacks, rather than overt warfare. Cyber-kinetic attacks should not be confused with the simple denial of an information system, such as Distributed Denial of Service (DDoS) attack. In these cases, such attacks merely deny access to an information system, where as a cyber-kinetic attack would deny access to a system by physically destroying part of a system or the entire system, rather than just communication access.
On July 10, 2022, an anonymous hacker named Predatory Sparrow launched a cyber-kinetic attack on a sanctioned Iranian steel company resulting in the infrastructure bursting into flames.[9] Then on June 7, 2022, Predatory Sparrow launched another cyberattack at the Iranian Parliament which lit parts of the parliament on fire. A public statement was shortly released by Iran's Prime Minister stated Predatory Sparrow had hacked into Iranian Parliament stealing confidential documents and then shortly after, the hacker set the Iranian Parliament facilities on fire.[10]
References
[edit]- ^ Ivezic, Marin (2015-03-31). "The World of Cyber-Physical Systems & Rising Cyber-Kinetic Risks - Marin". Cyber-Kinetic Security, IoT Security, CPSSEC by Marin Ivezic. Retrieved 2021-07-26.
- ^ "Hacker tries to poison water supply of Florida city". BBC News. 2021-02-08. Retrieved 2021-07-26.
- ^ Shalal, Andrea (2016-10-10). "IAEA chief: Nuclear power plant was disrupted by cyber attack". Reuters. Retrieved 2021-06-26.
- ^ "Industrial Control Systems (ICS) | SANS Institute". www.sans.org. Retrieved 2021-06-26.
- ^ "Medical Device Cyber Attacks: TV Plot or Dangerous Reality?". Drugwatch.com. Retrieved 2021-06-26.
- ^ "Secure Cyberspace and Critical Infrastructure | Homeland Security". www.dhs.gov. Retrieved 2024-03-15.
- ^ Greengard, Samuel (December 2010). "The new face of war". Communications of the ACM. 53 (12): 20–22. doi:10.1145/1859204.1859212. ISSN 0001-0782. S2CID 12917098.
- ^ Matrosov, Aleksandr (September 2010). "Stuxnet under the microscope" (PDF). Retrieved June 26, 2021.
- ^ "Predatory Sparrow: Who are the hackers who say they started a fire in Iran?". 2022-07-10. Retrieved 2024-08-12.
- ^ "Iranian MP Confirms Hack Of Government Institutions". Iran International. Retrieved 2024-08-12.