Abstract
This chapter reviews current and anticipated cyber-related threats to the Critical Information Infrastructure (CII) and Critical Infrastructures (CI). The potential impact of cyber-terrorism to CII and CI has been coined many times since the term was first coined during the 1980s. Being the relevance to consider possible threats and their impact, this paper provides a systematic treatment of actors, tools and potential effects. Some future risk to the CII is discussed as well.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
EC: Council Directive 2008/114/EC, of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection, EC, Brussels, Belgium (2008)
ENISA Glossary, http://www.enisa.europa.eu/act/res/files/glossary
Wiener, N.: Cybernetics or Control and Communication in the Animal and the Machine. The Technology Press John Wiley & Sons, Inc., New York (1948)
Council of Europe, Convention on Cyber-crime, CETS No.: 185, Budapest (November 23, 2001), http://conventions.coe.int (last visited May 08, 2011) Note: the CETS No.: 290 has changed the title into ’Convention on Cybercrime’
EC, Towards a general policy on the fight against cyber crime , Communications from the Commission to the European Parliament, the Council and the Committee of the Regions, COM(2007) 267 final, Brussels, Belgium (2007), http://eurlex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2007:0267:FIN:EN:PDF (last visited May 08, 2011)
Rauscher, K.F., Yashenko, V.: Russia-U.S. Bilaterial on Cyber Security: Critical Terminology Foundations, EastWest Institute (2011), http://www.ewi.info/system/files/reports/Russia-U%20S%20%20bilateral%20on%20terminology%20v76%20%282%29.pdf ( last visited May 08, 2011)
Derived from, http://defensetech.org/2009/01/09/peeking-into-private-data (last visited May 08, 2011)
NATO: NATO MC0571, NATO Cyber Defence Concept, Brussels, Belgium (2008)
Scheuer, M.: Al-Quada Doctrine for International Political Warfare. Terrorism Focus III(42) (2006), http://jamestown.org/terrorism/news/uploads/tf_003_042.pdf (last visited May 08, 2011)
Denning, D.E.: Cyberterrorism. Testimony before the Special Oversight Panel on Terrorism Committee on Armed Services U.S. House of Representatives (2003), http://www.cs.georgetown.edu/~denning/infosec/cyberterror.html (last visited May 08, 2011)
Denning, D.E.: Is Cyber Terror Next?, Social Science Research Council (2001), http://www.ssrc.org/sept11/essays/denning.htm (last visited May 08, 2011)
Lewis, J.A.: Assessing the risk of cyber terrorism, cyber war and other cyber threats, Center for Strategic and International Studies (2002) http://www.csis.org/tech/0211_lewis.pdf (last visited May 08, 2011)
Pollitt, M.M.: Cyberterrorism: Fact or Fancy? In: Proceedings of the 20th National Information Systems Security Conference, Baltimore (1997)
Luiijf, H.A.M.: Cyberterrorisme. In: Muller, E.R., Rosenthal, U., de Wijk, R. (eds.) Bundel Terrorisme, pp. 149–168. Kluwer (2008)
Luiijf, H.A.M., Nieuwenhuijs, A.H.: Extensible Threat Taxonomy for Critical Infrastructures. Int’l Journal on Critical Infrastructures 4(4), 409–417 (2008)
Luiijf, H.A.M., Nieuwenhuijs, A.H., Klaver, M.H.A., van Eeten, M.J.G., Cruz, E.: Empirical findings on European critical infrastructure dependencies. Int. J. System of Systems Engineering 2(1), 3–18 (2010)
TNO’s database on CI disruptions, version 334 (5110 events; 6922 CI disruptions) (last visited May 08, 2011)
Ciancamerla, E., Minichino, M.: A Mini Telco Blackout Scenario, in Tools and Techniques for Interdependency Analysis (IRRIIS Deliverable D2.2.2), IRRIIS Consortium, Fraunhofer Institute for Intelligent Analysis and Information Systems, Sankt-Augustin, Germany (2007), http://www.irriis.org/File.aspx?lang=2&oiid=9138&pid=572 (last visited May 08, 2008)
Baltimore Howard Street Tunnel fire (July 2001), http://en.wikipedia.org/wiki/Howard_Street_Tunnel_fire (last visited May 08, 2011)
International Cable Protection Committee, www.icpc.org (last visited May 08, 2011)
Examples of cable cuts, news.smh.com.au/thousands-hit-after-telstra-cable-cut/20080503-2am1.html , www.icelandreview.com/icelandreview/daily_news/?cat_id=40764&ew_0_a_id=359600 , www.ksta.de/html/artikel/1137402866724.shtml (last visited May 08, 2011)
Example of shooting fibre optic cables, http://www.accessnorthga.com/detail.php?n=209108&c=10 (last visited May 08, 2011)
Availability and Robustness of Electronic Communication Infrastructures - The ARECI Study, Alcatel-Lucent (2007), http://ec.europa.eu/information_society/policy/nis/strategy/activities/ciip/areci_study/index_en.htm (last visited May 08, 2011)
Counterfeit products, http://www.andovercg.com/services/cisco-counterfeit-wic-1dsu-t1.shtml (last visited May 08, 2011)
Stuxnet dossier v 1.4, Symantec, www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_stuxnet_dossier.pdf (last visited May 08, 2011)
http://www.networkworld.com/news/0414frame2.html (last visited May 08, 2011)
The Cost of Cyber Crime, Detica and U.K. Office of Cyber Security and Information Assurance (2011), http://www.cabinetoffice.gov.uk/resource-library/cost-of-cyber-crime (last visited May 08, 2011)
Jihadists and the Internet, National Coordinator for Counterterrorism, The Hague (2010), http://english.nctb.nl/Images/JihadismeUpdate2009-UK%20def_tcm92-279323.pdf?cp=92&cs=25496 (last visited May 08, 2011)
Williams, C., Gardham, D.: Great likelihood of Cyber attacks by terrorists, The Telegraph (February 1, 2011), http://www.telegraph.co.uk/technology/8294023/Great-likelihood-of-cyber-attacks-by-terrorists.html (last visited May 08, 2011)
Colarik, A.M.: Cyber Terrorism: Political And Economic Implications. Idea Group Publishing, Hershey (2006)
The Terry Childs Case (2009), http://www.techrepublic.com/blog/career/terry-childs-will-the-true-story-ever-be-told/555 (last visited May 08, 2011)
Luiijf, H.A.M. (ed.): Process Control Security in the Cybercrime Information Exchange, NICC (2010), http://www.cpni.nl/publications/PCS_brochure-UK.pdf , (last visited May 08, 2011)
Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Shacham, S.: Savage, Experimental Security Analysis of a Modern Automobile. In: 2010 IEEE Symposium on Security and Privacy, pp. 447–462 (2010), http://www.autosec.org/pubs/cars-oakland2010.pdf (last visited May 08, 2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Luiijf, E. (2012). Understanding Cyber Threats and Vulnerabilities. In: Lopez, J., Setola, R., Wolthusen, S.D. (eds) Critical Infrastructure Protection. Lecture Notes in Computer Science, vol 7130. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28920-0_4
Download citation
DOI: https://doi.org/10.1007/978-3-642-28920-0_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-28919-4
Online ISBN: 978-3-642-28920-0
eBook Packages: Computer ScienceComputer Science (R0)