Critical Infrastructure Security : Cybersecurity Lessons Learned from Real-World Breaches.

Toledano, Soledad Antelada
1st ed.
  • Birmingham : Packt Publishing, Limited, 2024.
  • ©2024.
1 online resource (270 pages)


Summary note
Venture through the core of cyber warfare and unveil the anatomy of cyberattacks on critical infrastructure.

Key Features
  • Gain an overview of the fundamental principles of cybersecurity in critical infrastructure
  • Explore real-world case studies that make the material more engaging and easier to retain
  • Bridge the knowledge gap associated with IT/OT convergence through practical examples
  • Purchase of the print or Kindle book includes a free PDF eBook

Book Description
Discover the core of cybersecurity through gripping real-world accounts of the most common attacks on critical infrastructure: the body of vital systems, networks, and assets so essential that their continued operation is required to ensure the security of a nation, its economy, and the public's health and safety. From an introduction to critical infrastructure and cybersecurity concepts to the most common types of attacks, this book takes you through the life cycle of a vulnerability and how to assess and manage it. You'll study real-world cybersecurity breaches, each incident providing insights into the principles and practical lessons for cyber defenders striving to prevent future breaches. From DDoS to APTs, the book examines how each threat activates, operates, and succeeds. Additionally, you'll analyze the risks that new computational paradigms, such as advances in AI and quantum computing, pose to legacy infrastructure. By the end of this book, you'll be able to identify key cybersecurity principles that can help mitigate evolving attacks on critical infrastructure.

What you will learn
  • Understand critical infrastructure and its importance to a nation
  • Analyze the vulnerabilities in critical infrastructure systems
  • Acquire knowledge of the most common types of cyberattacks on critical infrastructure
  • Implement techniques and strategies for protecting critical infrastructure from cyber threats
  • Develop technical insights into significant cyberattacks from the past decade
  • Discover emerging trends and technologies that could impact critical infrastructure security
  • Explore expert predictions about cyber threats and how they may evolve in the coming years

Who this book is for
This book is for SOC analysts, security analysts, operational technology (OT) engineers, and operators seeking to improve the cybersecurity posture of their networks. Knowledge of IT and OT systems, along with basic networking and system administration skills, will significantly enhance comprehension. An awareness of current cybersecurity trends, emerging technologies, and the legal framework surrounding critical infrastructure is beneficial.
  • Description based upon print version of record.
Source of description
Description based on publisher supplied metadata and other sources.
  • Cover
  • Title Page
  • Copyright and Credits
  • Dedications
  • Contributors
  • Table of Contents
  • Preface
  • Part 1: Introduction to Critical Infrastructure and Cybersecurity Concepts
  • Chapter 1: What is Critical Infrastructure?
  • Chemical sector
  • Impact of a compromised chemical sector
  • Cyberattack scenarios in the chemical sector
  • Commercial facilities sector
  • Impact of a compromised commercial facilities sector
  • Cyberattack scenarios in the commercial facilities sector
  • Communications sector
  • Impact of a compromised communications sector
  • Cyberattack scenarios in the communications sector
  • Critical manufacturing sector
  • Impact of a compromised critical manufacturing sector
  • Cyberattack scenarios in the critical manufacturing sector
  • Dams sector
  • Impact of a compromised dams sector
  • Cyberattack scenarios in the dams sector
  • Defense industrial base sector
  • Impact of a compromised defense industrial base sector
  • Cyberattack scenarios in the defense industrial base sector
  • Emergency services sector
  • Impact of a compromised emergency services sector
  • Cyberattack scenarios in the emergency services sector
  • Energy sector
  • Impact of a compromised energy sector
  • Cyberattack scenarios in the energy sector
  • Preventing and mitigating cyberattacks
  • Financial services sector
  • Impact of a compromised financial services sector
  • Cyberattack scenarios in the financial services sector
  • Food and agriculture services sector
  • Impact of a compromised food and agriculture sector
  • Cyberattack scenarios in the food and agriculture services sector
  • Government facilities sector
  • Impact of a compromised government facilities sector
  • Cyberattack scenarios in the government facilities sector
  • Healthcare and public health sector
  • Impact of a compromised healthcare and public health sector
  • Cyberattack scenarios in the healthcare and public health sector
  • Information technology sector
  • Impact of a compromised information technology sector
  • Cyberattack scenarios in the information technology sector
  • Nuclear reactors, materials, and waste sector
  • Impact of a compromised nuclear reactor sector
  • Cyberattack scenarios in the nuclear reactor sector
  • Transportation system sector
  • Impact of a compromised transportation system sector
  • Cyberattack scenarios in the transportation system sector
  • Water and wastewater sector
  • Impact of a compromised water and wastewater sector
  • Cyberattack scenarios in the water and wastewater sector
  • Summary
  • References
  • Chapter 2: The Growing Threat of Cyberattacks on Critical Infrastructure
  • A brief history of CI protection and attacks
  • The impact of the 9/11 attacks on CI
  • Same old attacks throughout history
  • Executive Order 13010
  • Evolution of a nation's CI protection posture
  • Evolution of cyberattacks and countermeasures
  • The state of CI in the face of cyberattacks
  • COVID-19-period cyberattack landscape
  • The Colonial Pipeline ransomware attack
  • Attacks in 2023
  • National cybersecurity strategies
  • Chapter 3: Critical Infrastructure Vulnerabilities
  • Understanding the difference between threat, vulnerability, and risk
  • Vulnerability
  • Threat
  • Risk
  • Vulnerability assessment
  • Scope definition
  • Asset inventory
  • Threat modeling
  • Vulnerability scanning
  • Manual assessment
  • Risk prioritization
  • Remediation planning
  • Verification and validation
  • Ongoing monitoring
  • Reporting and documentation
  • Security vulnerability management life cycle
  • Discovery
  • Assessment and prioritization
  • Notification
  • Remediation or mitigation
  • Monitoring and continuous assessment
  • End of life
  • Most common vulnerabilities and threats in CI
  • Inadequately secured industrial control systems (ICS)
  • Common vulnerabilities in industrial control systems (ICS)
  • Ransomware targeting CI
  • Supply chain attacks on CI components
  • Legacy systems and lack of security updates
  • Physical security breaches
  • Internet of Things (IoT) vulnerabilities
  • Part 2: Dissecting Cyberattacks on CI
  • Chapter 4: The Most Common Attacks Against CI
  • DDoS attack
  • Volumetric attacks
  • Reflection and amplification attacks
  • Resource depletion attacks
  • Protocol-based attacks
  • Application layer attacks
  • Ransomware attack
  • Infection
  • Encryption
  • Ransom note
  • Ransom payment
  • Data recovery
  • No guarantee of data recovery
  • Supply chain attack
  • Scope of attack
  • Attack vector
  • Stealth and persistence
  • Data exfiltration
  • Software supply chain attacks
  • Hardware supply chain attacks
  • Impersonation and trust exploitation
  • Mitigation challenges
  • Notable examples
  • APT
  • Phishing
  • The anatomy of a phishing attack
  • Pretexting and urgency
  • Mimicking authority figures
  • Deception and lure
  • Malicious links and attachments
  • Why do phishing tactics persist?
  • Common unpatched vulnerabilities
  • The significance of timely patching
  • Chapter 5: Analysis of the Top Cyberattacks on Critical Infrastructure
  • Stuxnet attack on Iran's nuclear program (2010)
  • Ukrainian power grid attack (2015)
  • Dyn attack on internet infrastructure (2016)
  • WannaCry (2017)
  • NotPetya (2017)
  • SolarWinds attack (2020)
  • Colonial Pipeline ransomware attack (2021)
  • Part 3: Protecting Critical Infrastructure
  • Chapter 6: Protecting Critical Infrastructure - Part 1
  • Network security and continuous monitoring
  • Network segmentation
  • Access control
  • Intrusion detection and prevention systems
  • Virtual private networks (VPNs)
  • Security audits and penetration testing
  • Honeypots and deception technologies
  • Zero trust architecture
  • Security monitoring
  • Security policy and frameworks
  • NIST cybersecurity framework
  • ISO/IEC 27001 and ISO/IEC 27002
  • The Department of Homeland Security (DHS) critical infrastructure security framework
  • CIS Controls
  • Chapter 7: Protecting Critical Infrastructure - Part 2
  • Systems security and endpoint protection
  • Antivirus/antimalware protection
  • Firewalls
  • Host IDS/IPS
  • EDR
  • Application security
  • Secure software development life cycle
  • Code reviews and static analysis
  • Authentication and authorization hardening
  • Data encryption
  • Session management
  • Security patching and updates
  • Penetration testing
  • Logging and monitoring
  • IR and data recovery
  • Chapter 8: Protecting Critical Infrastructure - Part 3
  • IR
  • IR history
  • IR planning
  • Security culture and awareness
  • Interconnectivity of critical infrastructure
  • Cascading effects of a cyberattack
  • Responsibility to safeguard critical assets
  • Insider threats
  • Teamwork and information sharing
  • Executive orders
  • Executive Order 13010 - Critical Infrastructure Protection (1996)
  • Executive Order 13231 - Critical Infrastructure Protection in the Information Age (2001)
  • Homeland Security Presidential Directive 7 (HSPD-7) - Critical Infrastructure Identification, Prioritization, and Protection (2003)
  • Executive Order 13636 - Improving Critical Infrastructure Cybersecurity (2013)
  • Presidential Policy Directive 21 (PPD-21) - Critical Infrastructure Security and Resilience (2013)
  • Executive Order 13873 - Securing the Information and Communications Technology and Services Supply Chain (2019)
  • Executive Order 13870 - America's Cybersecurity Workforce (2019)
  • Executive Order 13865 - Coordinating National Resilience to Electromagnetic Pulses (2019)
  • Executive Order 13905 - Strengthening National Resilience through Responsible Use of Positioning, Navigation, and Timing Services (2020)
  • Executive Order 14028 - Improving the Nation's Cybersecurity (2021)
  • Executive Order 14110 - Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (2023)
  • Part 4: What's Next
  • Chapter 9: The Future of CI
  • Increment and innovation of cybersecurity measures
  • More robust encryption implementation
  • Human factor and training
  • PPPs
  • Resilience and recovery
  • Integration of IoT and smart technologies
  • Supply chain security
  • Advancements in threat detection technologies
  • Greater regulatory and compliance requirements
  • Cross-sector collaboration
  • Conclusion
  • Index
  • Other Books You May Enjoy