Marin Ivezic -
Targeted cyber attacks against critical infrastructure (CI) are increasing on a global scale. Despite the common misconception in Canada, Canadian CI operators are being targeted too. Increasingly so. Canadian government and its agencies tasked with cyber securing the critical infrastructure are making great strides recently, but, in my opinion, they still lack behind Canada’s peer countries.
As IoT adoption continues to proliferate, manufactures and adopters are increasingly aware of cybersecurity risks to IoT. Yet, even among the IoT security professionals, one significant potential remote attack vector is often overlooked: intentional electromagnetic interference (IEMI).
Railways are becoming increasingly vulnerable to cyber-kinetic attacks as they move away from strictly mechanical systems and bespoke standalone systems to digital, open-platform, standardized equipment built using Commercial Off the Shelf (COTS) components. Fully cyber-enabled railway systems offer attackers a range of vulnerabilities perhaps unmatched by any other type of industrial control system. And potential attackers are well aware of their opportunities, as few examples below demonstrate.
As our cities, our transportation, our energy and manufacturing – our everything – increasingly embrace Internet of Things (IoT) and Industrial Controls Systems (ICS), securing its underlying cyber-physical systems (CPS) grows ever more crucial. Yet, even among engineers and cyber security specialists, one potential attack trajectory is often overlooked: Intentional Electromagnetic Interference (IEMI).
The History of Cyber-Kinetic Attacks, Incidents and Research – Chapter 2 of Cyber-Kinetic Attacks bookMarin Ivezic -
(This is the draft second chapter of my upcoming book Cyber-Kinetic Attacks) The fact that cyber-kinetic attacks rarely appear on mainstream news doesn’t mean they don’t happen. They happen more frequently than you would think. Many, for various reasons, aren’t even reported to agencies charged with combatting them. This hinders security experts in understanding the full scope and recognizing the trends in this growing problem. We’ll highlight examples of cyber-kinetic incidents and attacks in this chapter. Some were malfunctions that, nonetheless, demonstrated cyber-physical system vulnerabilities. Some were collateral damage from hacking or computer viruses. The vulnerabilities these exposed inspired a growing number of targeted cyber-kinetic attacks in recent years. If nothing else, the attacks described in this chapter demonstrate that the threat of cyberattacks on critical systems are not hypothetical. They occur increasingly...
Below is my attempt at tracking all published IoT and "Smart Everything"-related security guidelines, frameworks and standards. If you are aware of additional entries that should be here, please let me know. List of Internet of Things (IoT) Security Guidelines, Frameworks and Standards by Marin Ivezic is licensed under a...