Critical Infrastructure Security : Cybersecurity Lessons Learned from Real-World Breaches

Critical Infrastructure Security Cybersecurity Lessons Learned from Real-World Breaches

Venture through the core of cyber warfare and unveil the anatomy of cyberattacks on critical infrastructure Key Features Gain an overview of the fundamental principles of cybersecurity in critical infrastructure Explore real-world case studies that provide a more exciting learning experience, increa...

Full description

Bibliographic Details
Other Authors: Toledano, Soledad Antelada, author (author)
Format: eBook
Language:Inglés
Published: Birmingham : Packt Publishing [2024]
Edition:First edition
Subjects:
Cyberinfrastructure.
Computer security.
See on Biblioteca Universitat Ramon Llull:https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009825857406719
Table of Contents:
  • Cover
  • Title Page
  • Copyright and Credits
  • Dedications
  • Contributors
  • Table of Contents
  • Preface
  • Part 1: Introduction to Critical Infrastructure and Cybersecurity Concepts
  • What is Critical Infrastructure?
  • Chemical sector
  • Impact of a compromised chemical sector
  • Cyberattack scenarios in the chemical sector
  • Commercial facilities sector
  • Impact of a compromised commercial facilities sector
  • Cyberattack scenarios in the commercial facilities sector
  • Communications sector
  • Impact of a compromised communications sector
  • Cyberattack scenarios in the communications sector
  • Critical manufacturing sector
  • Impact of a compromised critical manufacturing sector
  • Cyberattack scenarios in the critical manufacturing sector
  • Dams sector
  • Impact of a compromised dams sector
  • Cyberattack scenarios in the dams sector
  • Defense industrial base sector
  • Impact of a compromised defense industrial base sector
  • Cyberattack scenarios in the defense industrial base sector
  • Emergency services sector
  • Impact of a compromised emergency services sector
  • Cyberattack scenarios in the emergency services sector
  • Energy sector
  • Impact of a compromised energy sector
  • Cyberattack scenarios in the energy sector
  • Preventing and mitigating cyberattacks
  • Financial services sector
  • Impact of a compromised financial services sector
  • Cyberattack scenarios in the financial services sector
  • Food and agriculture services sector
  • Impact of a compromised food and agriculture sector
  • Cyberattack scenarios in the food and agriculture services sector
  • Government facilities sector
  • Impact of a compromised government facilities sector
  • Cyberattack scenarios in the government facilities sector
  • Healthcare and public health sector
  • Impact of a compromised healthcare and public health sector.
  • Cyberattack scenarios in the healthcare and public health sector
  • Information technology sector
  • Impact of a compromised information technology sector
  • Cyberattack scenarios in the information technology sector
  • Nuclear reactors, materials, and waste sector
  • Impact of a compromised nuclear reactor sector
  • Cyberattack scenarios in the nuclear reactor sector
  • Transportation system sector
  • Impact of a compromised transportation system sector
  • Cyberattack scenarios in the transportation system sector
  • Water and wastewater sector
  • Impact of a compromised water and wastewater sector
  • Cyberattack scenarios in the water and wastewater sector
  • Summary
  • References
  • Chapter 2: The Growing Threat of Cyberattacks on Critical Infrastructure
  • A brief history of CI protection and attacks
  • The impact of the 9/11 attacks on CI
  • Same old attacks throughout history
  • Executive order 13010
  • Evolution of a nation's CI protection posture
  • Evolution of cyberattacks and countermeasures
  • The state of CI in the face of cyberattacks
  • COVID-19-period cyberattack landscape
  • The Colonial Pipeline ransomware attack
  • Attacks in 2023
  • National cybersecurity strategies
  • Summary
  • References
  • Chapter 3: Critical Infrastructure Vulnerabilities
  • Understanding the difference between threat, vulnerability, and risk
  • Vulnerability
  • Threat
  • Risk
  • Vulnerability assessment
  • Scope definition
  • Asset inventory
  • Threat modeling
  • Vulnerability scanning
  • Manual assessment
  • Risk prioritization
  • Remediation planning
  • Verification and validation
  • Ongoing monitoring
  • Reporting and documentation
  • Security vulnerability management life cycle
  • Discovery
  • Assessment and prioritization
  • Notification
  • Remediation or mitigation
  • Verification and validation
  • Monitoring and continuous assessment
  • End of life.
  • Most common vulnerabilities and threats in CI
  • Inadequately secured industrial control systems (ICS)
  • Common vulnerabilities in industrial control systems (ICS)
  • Ransomware targeting CI
  • Supply chain attacks on CI components
  • Legacy systems and lack of security updates
  • Physical security breaches
  • Internet of Things (IoT) vulnerabilities
  • Summary
  • References
  • Part 2: Dissecting Cyberattacks on CI
  • Chapter 4: The Most Common Attacks Against CI
  • DDoS attack
  • Volumetric attacks
  • Reflection and amplification attacks
  • Resource depletion attacks
  • Protocol-based attacks
  • Application layer attacks
  • Ransomware attack
  • Infection
  • Encryption
  • Ransom note
  • Ransom payment
  • Data recovery
  • No guarantee of data recovery
  • Supply chain attack
  • Scope of attack
  • Attack vector
  • Stealth and persistence
  • Data exfiltration
  • Software supply chain attacks
  • Hardware supply chain attacks
  • Impersonation and trust exploitation
  • Mitigation challenges
  • Notable examples
  • APT
  • Phishing
  • The anatomy of a phishing attack
  • Impersonation and trust exploitation
  • Pretexting and urgency
  • Mimicking authority figures
  • Deception and lure
  • Malicious links and attachments
  • Why do phishing tactics persist?
  • Common unpatched vulnerabilities
  • The significance of timely patching
  • Summary
  • References
  • Chapter 5: Analysis of the Top Cyberattacks on Critical Infrastructure
  • Stuxnet attack on Iran's nuclear program (2010)
  • Ukrainian power grid attack (2015)
  • Dyn attack on internet infrastructure (2016)
  • WannaCry (2017)
  • NotPetya (2017)
  • SolarWinds attack (2020)
  • Colonial Pipeline ransomware attack (2021)
  • Summary
  • References
  • Part 3: Protecting Critical Infrastructure
  • Chapter 6: Protecting Critical Infrastructure - Part 1
  • Network security and continuous monitoring.
  • Network segmentation
  • Access control
  • Intrusion detection and prevention systems
  • Virtual private networks (VPNs)
  • Security audits and penetration testing
  • Honeypots and deception technologies
  • Zero trust architecture
  • Security monitoring
  • Security policy and frameworks
  • NIST cybersecurity framework
  • ISO/IEC 27001 and ISO/IEC 27002
  • NERC CIP
  • The Department of Homeland Security (DHS) critical infrastructure security framework
  • HITRUST CSF
  • CIS Controls
  • Summary
  • References
  • Chapter 7: Protecting Critical Infrastructure - Part 2
  • Systems security and endpoint protection
  • Antivirus/antimalware protection
  • Firewalls
  • Host IDS/IPS
  • EDR
  • Application security
  • Secure software development life cycle
  • Code reviews and static analysis
  • Authentication and authorization hardening
  • Data encryption
  • Session management
  • Security patching and updates
  • Penetration testing
  • Logging and monitoring
  • IR and data recovery
  • Summary
  • References
  • Chapter 8: Protecting Critical Infrastructure - Part 3
  • IR
  • IR history
  • IR planning
  • Security culture and awareness
  • Interconnectivity of critical infrastructure
  • Cascading effects of a cyberattack
  • Responsibility to safeguard critical assets
  • Insider threats
  • Teamwork and information sharing
  • Executive orders
  • Executive Order 13010 - Critical Infrastructure Protection (1996)
  • Executive Order 13231 - Critical Infrastructure Protection in the Information Age (2001)
  • Homeland Security Presidential Directive 7 (HSPD-7) - Critical Infrastructure Identification, Prioritization, and Protection (2003)
  • Executive Order 13636 - Improving Critical Infrastructure Cybersecurity (2013)
  • Presidential Policy Directive 21 (PPD-21) - Critical Infrastructure Security and Resilience (2013).
  • Executive Order 13873 - Securing the Information and Communications Technology and Services Supply Chain (2019)
  • Executive Order 13870 - America's Cybersecurity Workforce (2019)
  • Executive Order 13865 - Coordinating National Resilience to Electromagnetic Pulses (2019)
  • Executive Order 13905 - Strengthening National Resilience through Responsible Use of Positioning, Navigation, and Timing Services (2020)
  • Executive Order 14028 - Improving the Nation's Cybersecurity (2021)
  • Executive Order 14110 - Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (2023)
  • Summary
  • References
  • Part 4: What's Next
  • Chapter 9: The Future of CI
  • Increment and innovation of cybersecurity measures
  • More robust encryption implementation
  • Human factor and training
  • PPPs
  • Resilience and recovery
  • Integration of IoT and smart technologies
  • Supply chain security
  • Advancements in threat detection technologies
  • Greater regulatory and compliance requirements
  • Cross-sector collaboration
  • Summary
  • Conclusion
  • References
  • Index
  • Other Books You May Enjoy.

Similar Items