6 Common Types of Cyber Physical Attacks
What are Cyber-Physical Systems?
To understand cyber-physical attacks, we first need to understand cyber-physical systems. The National Institute of Standards and Technology (U.S. Department of Commerce) defines a Cyber Physical System (CPS) as follows:
“CPS comprises interacting digital, analog, physical, and human components engineered for function through integrated physics and logic.”
Cyber Physical Systems are the amalgamation of three different processes—computation, networking, and physical processes. These systems are monitored and controlled by embedded computers and networks using feedback loops where physical processes affect computations and vice versa.
CPS is the foundation for the evolution of Industry 4.0 from Industry 3.0 and is transforming global advanced manufacturing.
What is a Cyber Threat?
NIST defines cyber threat as any event that has the potential to adversely impact organizational operations, assets, individuals, or even a Nation through an information system via unauthorized access, destruction, modification of information, and/or disruption of service.
The Harming Potential of Cyber Attacks – A Brief Overview
According to a report by Accenture and the Ponemon Institute, the typical cost of cyber-crime globally reached $11.7 million per organization in 2017.
As per NBC News, the U.S. manufacturing sector lost about $240 billion in revenue and 42,220 manufacturing jobs from 2002 to 2012 due to cyberattacks.
In 2020, the Stuxnet computer worm rendered almost one-fifth of Iran’s nuclear centrifuges useless by infecting more than 200,000 computers and physically degrading 1000 machines.
In 2014, hackers attacked the control system of a steel factory in Germany. This attack left the control system incapable of shutting down a blast furnace properly at the factory.
6 Common Types of Cyber-Physical Attacks
The most common types of cyber-physical attacks can be summarized as follows:
1. Zero-day attacks
Zero-day attacks target a security vulnerability that has not yet been disclosed publicly. Because the vulnerability has not been disclosed, there is a high probability that knowledge of it is held only by the few individuals who have somehow managed to find it.
The implications of such an attack on an industrial scale could be disastrous, particularly if it involves a production line being compromised with malicious software that is powerful enough to resist the installation of any security patch that would disable it.
2. Eavesdropping attacks
Attackers can illegally gain access to confidential and sensitive information by launching an eavesdropping attack on communication channels used by individuals or institutions to share such critical information.
When information that contains sensitive content relating to how a certain system or production process operates is shared on an insecure communication channel, it presents an opportunity for an attacker to eavesdrop on such information and plan a devastating attack on the system.
3. Denial of Service attacks
Denial of service (DoS) attacks aim to bring down the systems by denying them access to any form of computational resources so that the process controlled by the targeted system falls under the control of the attacker. For example, the communication between an industrial server and other lower-level industrial control systems can be disrupted by a DoS attack that can deny these systems access to the server network.
4. Data Injection attacks
False data injection attacks inject harmful code and commands into control system networks that are not fortified with efficient authentication mechanisms. Such attacks can range from commanding industrial control systems to perform actions that are outside of safe operating margins, to completely reconfiguring the control systems’ equipment to perform differently from the way it is meant to function.
5. Replay attacks
Even though authentication mechanisms can help prevent harmful commands from being executed by targeted equipment, an authenticated data packet modified with malicious instructions can be retransmitted. This can prove quite dangerous because such an altered data packet appears to be from a legitimate origin. The equipment that receives such packets has no way of telling that they carry malicious content disguised as a legitimate data packet.
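The following is an added example, not part of the original article, covering the data injection and replay sections above: a controller-side receiver that checks a message authentication tag, then a message counter for freshness, then a safe setpoint range. The key, packet layout, counter scheme and range are assumptions constructed for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"   # constructed key, for this example only
SAFE_RANGE = (0.0, 1200.0)      # assumed safe setpoint margin (hypothetical units)

def pack_command(key, counter, setpoint):
    """Sender side: 8-byte counter + 8-byte setpoint, then an HMAC-SHA256 tag."""
    body = struct.pack(">Qd", counter, setpoint)
    return body + hmac.new(key, body, hashlib.sha256).digest()

class CommandReceiver:
    """Controller-side checks: authenticity, freshness, then safety margin."""

    def __init__(self, key, safe_range):
        self.key = key
        self.safe_range = safe_range
        self.last_counter = 0   # highest counter accepted so far

    def accept(self, packet):
        if len(packet) != 16 + 32:
            return "reject: malformed"
        body, tag = packet[:16], packet[16:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "reject: bad tag"            # injected or altered data
        counter, setpoint = struct.unpack(">Qd", body)
        if counter <= self.last_counter:
            return "reject: replay"             # authentic bytes, seen before
        lo, hi = self.safe_range
        if not (lo <= setpoint <= hi):          # also rejects NaN
            return "reject: unsafe setpoint"
        self.last_counter = counter
        return "accept"

def demo():
    rx = CommandReceiver(KEY, SAFE_RANGE)
    genuine = pack_command(KEY, 1, 900.0)
    tampered = bytearray(pack_command(KEY, 2, 900.0))
    tampered[8] ^= 0x01                         # bit flipped after signing
    return [
        rx.accept(genuine),                         # first delivery
        rx.accept(genuine),                         # same bytes retransmitted
        rx.accept(bytes(tampered)),                 # modified in transit
        rx.accept(pack_command(KEY, 2, 5000.0)),    # authentic, out of margin
        rx.accept(pack_command(KEY, 2, 950.0)),     # fresh and in range
    ]
```

The second call shows why a valid tag alone is not enough: the retransmitted packet authenticates correctly and is stopped only by the counter check.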
6. Side-Channel Attacks
Side-channel attacks are characterized by the illegal collection of data through information leakage in industrial equipment. For example, attackers can obtain sensitive information on the working of a system by tracing the fluctuations in its power usage while it processes data. In-depth monitoring of industrial manufacturing equipment during the production process can give away critical information that can help create an almost precise reproduction of the product produced by the compromised machine.
The threat of cyber-physical attacks is real and has often resulted in the loss of millions of dollars. A more worrisome fact is that attacks on cyber-physical systems may even lead to loss of human life (for example, an attack on a nuclear power plant system). Understanding the threat landscape and implementing stringent security measures is imperative for industries where CPS is used extensively.
We hope this article has helped you know more about Cyber-Physical Attacks.