Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Bücher
Zeitschriften
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
SLX-Digitalkonferenz: Zukunftswerkstatt 2024

Mehr Umsatz mit Top-Kontakten

Am 7. Mai erfahren Sie, wie Vertriebsteams Leadgenerierung, Leadnurturing und Leadstrategien effizient steuern können.
Erweiterte Suche
Anmelden
nach oben

2016 | Buch

Cyber-Physical Attack Recovery Procedures Kapitel lesen Erstes Kapitel lesen

Cyber-Physical Attack Recovery Procedures

A Step-by-Step Preparation and Response Guide

verfasst von: Luis Ayala

Verlag: Apress

Enthalten in: Springer Professional "Wirtschaft+Technik" , Springer Professional "Technik" , Springer Professional "Wirtschaft"

Einloggen, um Zugang zu erhalten
insite
SUCHEN

Über dieses Buch

This book provides a template with step-by-step instructions on how to respond and recover when hackers get into your SCADA system and cause building equipment to act erratically or fail completely. When hackers shut off the water, turn off the building power, disable the sewage effluent pumps and activate the fire alarm, you have to do something quick. It is even more alarming that hackers can do all those things at the same time—even from the other side of the planet.

Not every equipment failure or power outage is a cyber-physical attack. When your building is attacked, you probably won’t suspect it was a hacker—until you see a pattern. The building control system (BCS) will act "squirrelly" and you will know—it really is a cyber-physical attack.

Once a cyber-physical attack occurs, it can mean years of court cases, job losses, higher insurance rates, and maybe even criminal litigation. It also takes years to overcome the loss of safety credibility to your employees and the local community. Cyber-Physical Attack Recovery Procedures provides a detailed guide to taking the right steps ahead of time, and equipping your facility and employees with the training, knowledge, and tools they need and may save lives.

The book contains:

A one-of-a-kind action plan describing how hackers attack building equipment, the extent of damage possible, and how to respond when a cyber-physical attack occurs.Detailed descriptions of cyber-physical attacks directed against SCADA systems or building controls, as well as cyber booby traps Invaluable appendices, including: Emergency Procedures, Team Staffing and Tasking, Alternate Site Procedures, a Documentation List, Software and Hardware Inventories, Vendor Contact Lists, External Support Agreements, and much more.

What you’ll learn

Possible ways hackers can cause building equipment to fail.

How to quickly assess the threat to his facilities in real time, how to stop a cyber-physical attack.

How to restore equipment operation without doing any more damage.

Who This Book Is For

Architects, Engineers, Building Managers, Students, Researchers and Consultants interested in cybersecurity-attacks against facilities in the real world. Also for IT professionals getting involved in cybersecurity responsibilities.

Inhaltsverzeichnis

Frontmatter
Chapter 1. Cyber-Physical Attack Recovery Procedures
Abstract
Control systems protocols have little or no security safeguards
Luis Ayala
Chapter 2. Threats and Attack Detection
Abstract
When developing strategies for Recovery Procedures, it is helpful to consider the entire range of possible and probable cyber-physical attack vectors that present a risk to an organization. From that range of threats, likely scenarios can be developed and appropriate strategies applied. Any Recovery Procedures should be designed to be flexible enough to respond to extended building interruptions, as well as major natural disasters.
Luis Ayala
Chapter 3. Prevent Hackers from Destroying a Boiler
Abstract
Of course, building engineers assume none of this can happen because of the safety systems designed to prevent catastrophe. Keep in mind that Chernobyl had safety features that were turned off. A hacker will disable safety features without your knowledge. Failure to protect boilers from a cyber-physical attack can (and likely will) result in a catastrophe.
Luis Ayala
Chapter 4. Prevent Hackers from Destroying a Pressure Vessel
Abstract
Pressure vessels are designed to store a gas or liquid at a pressure substantially higher (10,000 psig) than the ambient pressure and are engineered with a safety factor, corrosion allowance, and minimum design temperature (for brittle fracture).
Luis Ayala
Chapter 5. Prevent Hackers from Destroying Chillers
Abstract
Chillers are not as dangerous as steam boilers or pressure vessels, but a hacker can wreak havoc with your chillers if he knows what he’s doing. The old absorption chillers generated hydrogen gas naturally as a result of the reaction of lithium bromide with the steel surfaces of chiller, but they are not very common anymore. A hacker attempting to disrupt the chilled water system will generally mess with the refrigerant flow or the condenser water temperature. If a hacker can cause the pressure differential (lift) to exceed the capacity of the compressor, the backward pressure flow causes the chiller to surge. Conversely, if the hacker can cause the pressure in the evaporator to drop, that can also cause the compressor to surge. If the compressor surges, you’ll know because it is very noisy.
Luis Ayala
Chapter 6. Prevent Hackers from Destroying a Gas Fuel Train
Abstract
A fuel train is a specially designed series of pipes, valves, regulators, and switches located in the mechanical room, supplying pressurized fuel to industrial burners. A typical fuel train has several components, each with a specific purpose. The manual shut-off valve (MSOV) is used to shut off the fuel supply for maintenance. A gas pressure regulator valve (PRV) maintains the fuel at a constant pressure. A low- pressure gas switch equipped with a safety lockout senses when gas pressure is too low for the burner to operate properly. This tells the operator to check the gas pressure, since the burner will not try to restart until the switch is reset.
Luis Ayala
Chapter 7. Prevent Hackers from Destroying a Cooling Tower
Abstract
A cooling tower is used to dispose of unwanted heat from a chiller. Water-cooled chillers operating on the principle of evaporative cooling are normally more energy-efficient than air-cooled chillers. To achieve better performance (more cooling), they are designed to increase the surface area and the time of contact between the air and water flow.
Luis Ayala
Chapter 8. Prevent Hackers from Destroying a Backup Generator
Abstract
In 2007, CNN broadcast a demonstration of an “Aurora” cyber-physical attack of a 2.25 MW generator connected to a substation. This test was conducted at the Idaho National Laboratory (INL) for the Department of Homeland Security. INL staff injected a virus consisting of 20 lines of code that caused an out-of-phase condition that can damage alternating current (AC) equipment connected to the power grid.
Luis Ayala
Chapter 9. Prevent Hackers from Destroying Switchgear
Abstract
Many large industrial facilities can have downtime costs of more than one million dollars per day. Equipment replacement times can easily be months. The risk should be obvious.
Luis Ayala
Chapter 10. Eight Steps to Defending Building Control System
Abstract
I am including this list of recommendations in the hopes that readers will take action to protect their networks. If you only do these eight things, I estimate that you will reduce your vulnerability by 90 percent.
Luis Ayala
Chapter 11. Block Hacker Surveillance of Your Buildings
Abstract
So far, I’ve discussed the ability of an adversary to cause physical damage to your facilities, but there is another aspect to their activities that needs attention.
Luis Ayala
Chapter 12. Cyber-Physical Attack Recovery Procedures Template
Abstract
The Cyber-Physical Attack Recovery Procedures provide guidance when responding to a cyber-attack on the Building Control System and documenting the nature and scope of the cyber-attack.
Luis Ayala
Backmatter
Metadaten
Titel
Cyber-Physical Attack Recovery Procedures
verfasst von
Luis Ayala
Copyright-Jahr
2016
Verlag
Apress
Electronic ISBN
978-1-4842-2065-8
Print ISBN
978-1-4842-2064-1
DOI
https://doi.org/10.1007/978-1-4842-2065-8