Chapter 1. Network Security Basics
This chapter provides an overview of some of the general computer and Internet security notions; it also explains how a security plan can be created for an institution or an enterprise (“Chapter 1” 2).
First, some basic concepts and terms related to e-security are defined. Then, the problems of security access are discussed; after scrutinizing a number of possible threats and safeguards for information, it is explained that creating a proper physical environment that keeps the data safe from physical intrusion is of crucial importance if it is to be protected. Next, the issues related to virtual intrusions are considered; these include the prevention of data compromise occurring due to carelessness or a mistake, deliberate internal breaches of security, and external intrusions carried out by unauthorized individuals.
After that, the chapter supplies an overview of threats to network security and the ways to identify them; in particular, the classification of various kinds of attacks is supplied. Finally, some important advice on creating a thorough security plan is given. It is then summarized that it is useful to be able to understand the motivations of hackers and see the vulnerable surfaces of the organization’s informational system; in addition, the awareness of possible ways of attack is also of crucial importance. It is also stressed that, in order to safeguard an informational system, a high-quality security plan should be created and implemented.
The chapter provides an easy and effective introduction to network security issues that numerous organizations are forced to face. It is important to point out that some of the most common mistakes related to data security are discussed. For instance, it is explained that hackers may operate undercover, working for an organization as cleaners, etc., which allows them to access computers when the employees are not at work without raising any suspicions; it is also elaborated that in many cases the compromise of data occurs accidentally, due to carelessness or a mistake, which means that the personnel of a company should be given proper instruction regarding data safety.
Supplying a simple and effective explanation of the basic issues related to network security, this text will be of use to anyone who is not a professional data security specialist but has a degree of responsibility for their organization’s informational system.
Chapter 4. AMI Security Requirements
Chapter 4 of Smart Grid Cyber Security Strategy and Requirements provides a detailed account of security requirements that are concerned with Advanced Metering Infrastructures (AMI). It supplies a description of AMI requirements that are modified from the Catalog of Department of Homeland Security so that they can be used for AMI security (“Chapter 4” 56).
The AMI requirements include a number of components. First, the chapter explains the security requirements for system and communication protection, which consist of actions taken to safeguard the components of AMI, as well as the communication links between the elements of the system, from malicious cyber intrusion. Second, the issues related to the management of data and documents are discussed; it is explained that information related to AMI, whether stored on hard copy or on digital data carriers, is crucial for the proper protection of the AMI elements. Third, the conditions for system development and maintenance are described; it is emphasized that organizations are required to comply with the requirements of the federal laws, policies, and directives, as well as with various standards existing in the country. Fourth, the chapter provides an explanation of the means that are needed in order to provide a proper response to various incidents; the organizations are obliged to create, distribute, review and update documents that regulate both the general policy and the methods utilized in case of such incidents.
Fifth, the problems concerned with the integrity of the information stored in AMI are discussed. It is stressed that the maintenance of AMI systems should be carried out in a way that maximizes the safety of the information stored there, i.e. protects this information from being deleted or modified by unauthorized and/or undetected users. The controls aimed at such protection are provided. Sixth, the issue of access control is addressed. It is highlighted that making sure that only authorized persons have access to the resources in the AMI system is of crucial importance.
The possible means of access control include passwords, biometrics, and cryptographic tokens. Seventh, the problems related to the audit and accountability of the AMI elements are examined. It is pointed out that both logging and audit must be carried out regularly so as to ensure that the system is adequately protected and that all the security mechanisms are working properly. It is essential to discover security breaches and weaknesses if the AMI system is to be safe from threats.
It should be stressed that the fulfillment of the requirements provided in the chapter is aimed at allowing for safe and efficient use of the AMI systems. Therefore, it is of crucial importance for organizations to comply with these requirements in order to be able to both achieve the organizational goals and satisfy their customers.
Network Security: History, Importance, and Future
The article by Daya is concerned with the issue of the security of data networks, mainly the Internet and networks with access to the Internet (1). The author examines the problem of network security by analyzing the history of security in networks, the architecture of the Web and its components that can be harmed easily, the kinds of network attacks and means to prevent them, the methods to provide security for different types of networks that have access to the Internet, as well as the latest developments (both software and hardware) in the security sphere. In order to perform the study, the author conducted a literature review.
It is stated that in order to provide the security of networks, it is essential to consider a number of factors, namely, access (only authorized individuals should be able to access the network), confidentiality (the crucial information should not be available to other users), authentication (the users of the network must be confirmed, so that other users might not act using their name), integrity (messages must reach their destination without modifications), and non-repudiation (the users mustn’t deny using the network). It is also important to take into account the possible aims of an attack, which might include wasting resources, interfering with the functions of systems related to resources, or gaining information that might be used in future attacks.
The author states that interest in Internet security began with a crime committed by Kevin Mitnick in 1995 that resulted in a major financial loss. Since the 1990s, when the Internet became public, major studies have been carried out in the field. Further, the author explains that the vulnerable aspects of the Internet are associated with the Internet Protocol Suite (IPS); to protect different levels of IPS, security mechanisms were introduced, such as a security architecture for Internet protocols (IP).
The author also examines the peculiarities of two versions of IP, namely, IPv4 and IPv6, as well as the most common attack methods against them, which include eavesdropping, viruses, worms, Trojans, phishing, denial of service, and IP spoofing. After that, an overview of current mechanisms of network security is conducted; it is stated that the hardware developments are rather limited (they consist mainly of biometric systems and smart cards), whereas the software developments are much more significant and numerous, including anti-viruses and firewalls.
It should be stated that the article provides an overview of some of the most important issues related to Internet security. On the other hand, the author does not go into much detail in the article. It is also important to point out that some of the sources used in the paper are not scholarly. Summing up, it might be said that the article can be useful for those who need some rather general information on the topic of Internet security, but might be of little help to professionals in the field.
Impact of Network Infrastructure Parameters to the Effectiveness of Cyber Attacks against Industrial Control Systems
The article by Genge, Siaterlis, and Hohenadel is concerned with the topic of cyber attacks on information and communication technologies systems (ICT) (in particular, on networked industrial control systems (NICS)) used by modern critical infrastructures (CI) (675-675). The paper scrutinizes the manner in which cyber systems are able to influence the physical world by performing an experimental attack on a CI.
In their study, the scholars employed the Boiling Water Power Plant (BWPP) model as an example of a physical process occurring in a CI. The researchers supposed that bringing the process to a critical state (critical steam pressure) can possibly cause physical damage to the CI. The researchers limited their attack time to 10 minutes because after the start of the attack the personnel of a real CI might notice the significant deviations caused by the attack, and switch the facility off or disconnect it in order to prevent the attack from continuing.
The control of the BWPP model, an oil-fired electric power plant, was exercised by using three valves: steam valve, fuel valve, and feed-water valve; the process was monitored with sensors for water level, steam pressure, and generated electricity. The attackers used one of the stations located inside the installation’s internal network as their “base of operations,” for it is known that such stations can easily be compromised remotely from the Internet.
The remoteness, on the other hand, means additional complications for the attacker due to packet losses, network delays, etc. The “scholarly hackers” attempted to keep the feed-water and the steam valves closed in order to cause the extra pressure (attacker’s valve position, AVP). The experimental attacks demonstrated that the hacker can affect the normal valve positions for all three valves if the programmable logic controllers use the task scheduling frequency of 100 ms, i.e. send a single regular Modbus packet 100 times each second.
External factors such as network delays, as well as background traffic, significantly affected the potency of the attacks, but it was still possible to create large deviations from the normal valve position, and thus affect the steam pressure in the facility. However, the researchers found out that two key parameters, namely, the control code task scheduling, and the speed of the control valves, were able to significantly enhance the resilience of the physical process under attack.
An important achievement of the research is that it examined the influence of cyber systems on the physical world and discovered ways to increase the resilience of these processes in a CI setting. The scholars performed 540 experimental attacks over the span of nine hours, which allows one to conclude that the experimental results should be statistically reliable.
Cyber Security Challenges in Heterogeneous ICT Infrastructures of Smart Grids
The article written by Skopik and Langer is concerned with the subject of security of information technologies used in the management of “smart” power grids (463-464). The authors state that in the future, it will be necessary to employ additional sources of energy, not only on the regional or national level but also on-site. In addition, more environmentally friendly sources of energy (such as biological, wind, or solar power grids) are much less reliable than the traditional sources (e.g., nuclear or fossil fuel power plants) when it comes to the stability of power supply. Therefore, it is important to use modern information technologies to manage the environmentally friendly sources in order to provide stable power supply. This opens new surfaces that could be attacked by malefactors, and creates the need for additional security systems.
The authors provide an overview of different information and communication technologies (ICT) structures employed in smart grids, examine the main scenarios of cyber attacks on them, and review main security challenges that emerge. The methodology employed in order to carry out the research is not discussed, but it appears justified to state that the authors performed a literature review in order to gather the necessary data.
The authors explain that the structure of smart grids consists of three main components: grid stakeholders, the physical components of the grid (factories and other facilities), and communication between them (ICT systems; physically, it is realized by power line carriers or fiber optics). The authors concentrate on the physical network between the stakeholders and the grid, for these connections may be vulnerable to an attack.
Further, the researchers supply information about the possible scenarios that might be employed in order to attack grids; they argue that most attacks will be launched against the metering infrastructure of the grid, because this infrastructure is scattered among numerous users, which makes it an easy target. It is also asserted that today these attacks mainly focus on gathering and maliciously using the metering data, or on initiating a dysfunction and denial of service. Other possible attacks may include attacks on distributed energy resources, e-mobility (i.e., on grid load management), and on transmission grids. Finally, the authors provide a brief overview of the currently existing cyber security standards.
It is important to point out that the research deals with a problem that is going to be of crucial importance in the future, and the article provides significant grounds that can be employed to better safeguard not only the sources of the energy supply but also the consumers of energy. It is stressed that future research is required in order to test the discussed scenarios of attack and find the most effective strategies for dealing with them.
“Chapter 1. Network Security Basics.” ISA Server 2006 Migration Guide. Tom Shinder. Burlington, MA: Syngress, 2007. 1-45. Print.
“Chapter 4. AMI Security Requirements.” Smart Grid Cyber Security Strategy and Requirements: Draft. Ed. Annabelle Lee and Tanya Brewer. Gaithersburg, MD: National Institute of Standards and Technology, 2009. 56-119. Print.
Daya, Bhavya. Network Security: History, Importance, and Future. n.d. Web.
Genge, B., C. Siaterlis, and M. Hohenadel. “Impact of Network Infrastructure Parameters to the Effectiveness of Cyber Attacks against Industrial Control Systems.” International Journal of Computers Communications & Control 7.4 (2012): 674-687. Print.
Skopik, Florian, and Lucie Langer. “Cyber Security Challenges in Heterogeneous ICT Infrastructures of Smart Grids.” Journal of Communications 8.8 (2013): 463-472. Print.