Cyber-Physical Attacks

A Growing Invisible Threat

George Loukas

  1. 270 pages
  2. English
  3. ePUB (mobile-friendly)
  4. Available on iOS and Android
About this book

Cyber-Physical Attacks: A Growing Invisible Threat presents the growing list of harmful uses of computers and their ability to disable cameras, turn off a building's lights, make a car veer off the road, or a drone land in enemy hands. In essence, it details the ways cyber-physical attacks are replacing physical attacks in crime, warfare, and terrorism.

The book explores how attacks using computers affect the physical world in ways that were previously only possible through physical means. Perpetrators can now cause damage without the same risk, and without the political, social, or moral outrage that would follow a more overt physical attack.

Readers will learn about all aspects of this brave new world of cyber-physical attacks, along with tactics on how to defend against them. The book provides an accessible introduction to the variety of cyber-physical attacks that have already been employed or are likely to be employed in the near future.

  • Demonstrates how to identify and protect against cyber-physical threats
  • Written for undergraduate students and non-experts, especially physical security professionals without a computer science background
  • Suitable for training police and security professionals
  • Provides a strong understanding of the different ways in which a cyber-attack can affect physical security in a broad range of sectors
  • Includes online resources for those teaching security management

1

A Cyber-Physical World

Chapter Summary

Conventional cyber attacks affect primarily the confidentiality, integrity, and availability of data and services in cyberspace. Cyber-physical attacks are the particular category of cyber attacks that, whether intentionally or not, also adversely affect physical space by targeting the computational and communication infrastructure that allows people and systems to monitor and control sensors and actuators. This chapter provides a brief introduction to the concepts and components that bridge cyberspace with physical space, and defines what is and what is not a cyber-physical attack in relation to its impact on sensing and actuation.

Key Terms

Actuator; sensor; wireless sensor network; controller; embedded system; cyber-physical system; Internet of Things; cyber-physical attack
In the past, it was safe to assume that the primary aim of a cyber attack would be to cause damage in cyberspace, and of a physical attack to cause damage in physical space. This is no longer the case.
Our increasing dependence on computerized and highly networked environments is generating considerable new threats where the two spaces overlap. For clarity, by physical space, we refer to the space governed by the laws of physics. Cyberspace cannot be defined as succinctly. For our purposes, it is a metaphor referring to the electronic transmission, manipulation, storage, and retrieval of information in computer systems and networks.
Modern automobiles, smart buildings, wireless implants, intelligent traffic lights, full-body scanners, and industrial control systems are realistic targets for an attacker who wants to cause damage in physical space. An autonomous vehicle that has been compromised electronically can be used to intercept communications, transmit false data, launch a cyber attack from a convenient location, or even drive or fly itself into a crowd. Because documentation and code for exploiting weaknesses of widely used industrial control systems are available online, a cyber attack against a gas pipeline or water management facility may require considerably less planning and resources than a physical attack with the same aim.
Note that an attack in cyberspace can affect one or more of the three basic information security attributes collectively known as the CIA triad: confidentiality, integrity, and availability. In broad terms, confidentiality ensures that information can be accessed only by those authorized to access it; integrity ensures that information or a system’s configuration can be modified only by those authorized to modify it; and availability ensures that those authorized to access particular information or a service can indeed access it when necessary. To these, it is common to add authenticity, accountability, nonrepudiation, and other increasingly overlapping attributes.[1] For the sake of simplicity, throughout this book we will refer mainly to the CIA triad and occasionally to authenticity. We will also frequently use five information security terms: adversary, threat, vulnerability, attack, and countermeasure, for which the explanations (following the Internet Engineering Task Force’s Internet Security glossary[2]) can be seen in Box 1.1, Basic Information Security Terminology.
Box 1.1
Basic Information Security Terminology
Vulnerability: A flaw or weakness in a system’s design, implementation, operation, or management that could be exploited to violate the system’s confidentiality, integrity, or availability.
Threat: Any circumstance or event with the potential to exploit a vulnerability and adversely affect a system through unauthorized access, destruction, disclosure, or modification of data, or denial of service.
Attack: An intentional assault on system security that derives from an intelligent threat. An active attack is one that attempts to alter system resources or affect their operation, while a passive attack is one that attempts to learn or make use of information from a system but does not affect that system.
Adversary: An entity that attacks a system or is a threat to a system. The terms “intruder,” “attacker,” “cyber attacker,” “cracker,” and “hacker” can also be used.
Countermeasure: An action, device, procedure, or technique that meets or opposes (i.e., counters) a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken.

Basic Concepts and Definitions of a Cyber-Physical World

Few like definitions. They can be too specific and limiting, or so general and vague as to be of little use in practice. Different schools of thought lead to distinctly different definitions, which are almost always incomplete. More than anything, definitions show what the industrial or research team behind each one considers a challenge and where it has focused its attention. But that is precisely why they are useful for areas of science and technology that are new and rapidly changing, currently expanding their real-world applications and impact to society. To appreciate and understand how an attack in cyberspace can have an impact in physical space, it is useful to have a basic understanding of the devices and systems involved, including sensors, actuators, controllers, embedded systems, cyber-physical systems, and recent computing paradigms such as the Internet of Things. We will use some of the most popular definitions proposed to describe these, although it is possible that some of these terms will be out of fashion in the near future. Nevertheless, they all point toward a world where cyber and physical spaces meet and new security threats appear where the two overlap.

Transducers

Computers are designed to generate, manipulate, transmit, and receive information in the form of pulses of electrical energy. (For example, a 0 may be represented as a low-voltage pulse and a 1 as a high-voltage pulse.) To be able to cross the cyber-physical boundary from information to physical effect and vice versa, they need transducers, which are devices that can convert between different forms of energy.[3] Within the scope of this book, we are interested in transducers that can be classified as sensors or actuators.
Sensors are devices “that transform real-world data into electrical form”[4] for the purpose of measurement or observation of the physical environment. The quantity, property, or condition measured is called stimulus or measurand, and can be acoustic, biological, chemical, electric, magnetic, mechanical, optical, radiation, or thermal. They may involve a number of transducers converting energy from one form into another until one produces an electrical signal that can be interpreted by an information processing system, such as a computer.
Strictly speaking, a sensor does not need to be a man-made object. Natural sensors on living organisms can also be included. For example, at the back of the human eye’s retina there is a layer of photoreceptors (light-sensitive nerve cells), whose job is to convert light rays into an electrical signal.[5] This signal is then transmitted through the optic nerve to the brain, where it is processed and converted into an image. From our point of view, natural sensors should not be outright excluded from a discussion on cyber-physical attacks, as it is possible for an information security breach to lead to a stimulus that can be intentionally damaging to a human being (see the section, Health, in Chapter 2).
Thanks to advances in low-cost electronics and a variety of energy-efficient communication technologies, it is possible to deploy large numbers of inexpensive sensors that can communicate and report their measurements through a wireless network. Wireless sensor networks were originally conceived for military applications, where the sensors would be airdropped on an otherwise inaccessible terrain and would remotely report information about the battlefield. Today, they are commonly used in disaster response, detecting pollutants in the environment, monitoring a smart home, and so on.[6]
Electric actuators are in a sense the reverse of sensors, as their job is to initiate a physical action when instructed to do so by an electrical signal.[7] For example, in wheeled vehicles, a rotary encoder is a sensor that measures position or speed by converting the angular motion of a wheel into an electrical signal. On the other hand, the electric motor that moves the vehicle is an actuator because it converts electrical energy into torque (the rotary force) that rotates the wheel...
