Cyber Security : Critical Infrastructure Protection

Foreword
Preface
Contents
Contributors
Part I Digital Society
1 Cyber-Attacks Against Critical Infrastructure
	1.1 Introduction
	1.2 Cyber Security Threats Against Critical Infrastructure
		1.2.1 Motivation of the Attackers
		1.2.2 Vulnerabilities
		1.2.3 Attack Vectors
	1.3 Cyber-Attacks Against Critical Infrastructure
		1.3.1 Chemical Sector
		1.3.2 Commercial and Government Facilities Sector
		1.3.3 Communications Sector
		1.3.4 Critical Manufacturing Sector
		1.3.5 Dams Sector
		1.3.6 Defense Industrial Base Sector
		1.3.7 Emergency Services Sector
		1.3.8 Energy Sector
		1.3.9 Financial Services Sector
		1.3.10 Food and Agriculture Sector
		1.3.11 Governmental Institutions Sector
		1.3.12 Healthcare Sector
		1.3.13 Information Technology Sector
		1.3.14 Nuclear Sector
		1.3.15 Transportation Systems Sector
		1.3.16 Water and Wastewater Systems Sector
	1.4 Critical Infrastructure Protection
	1.5 Conclusion
	References
2 Key Elements of On-Line Cyber Security Exercise and Survey of Learning During the On-Line Cyber Security Exercise
	2.1 Introduction
	2.2 Pedagogical Framework for Learning in On-Line Cyber Security Exercises
	2.3 Methods and Data
	2.4 Results
	2.5 Conclusion
	References
3 Cyber Law and Regulation
	3.1 Introduction
	3.2 Governance of the Internet and Cyberspace
		3.2.1 Distributed Governance
		3.2.2 Transnational Governance
		3.2.3 Regional Governance
		3.2.4 National System Governance
	3.3 Cyber Operations
		3.3.1 Cyber Warfare
		3.3.2 Cyber Espionage
		3.3.3 Cyber Crime
	3.4 Computer Crime Law
		3.4.1 Computer Crime Law in the United States
		3.4.2 Computer Criminal Law of Nations
	3.5 Regulations in Cyber Space
		3.5.1 National and Transnational Data Privacy Regulations
		3.5.2 Breach Notification Statutes
		3.5.3 Regulation of Cyber Security: The Reasonableness Standard
		3.5.4 Standards for Cybersecurity Regulation
		3.5.5 Net Neutrality Regulation
	3.6 Summary
	References
4 Understanding and Gaining Human Resilience Against Negative Effects of Digitalization
	4.1 Introduction
	4.2 Human—Part of Information System
	4.3 Types of Influence
		4.3.1 Information Operations
		4.3.2 Addiction and Technostress
	4.4 Gaining Individual Resistance
		4.4.1 Handling Stress
		4.4.2 Critical Thinking, Self-Regulation and Educational Approach
	4.5 Discussion and Conclusion
	References
5 Users’ Psychopathologies: Impact on Cybercrime Vulnerabilities and Cybersecurity Behavior
	5.1 Introduction
	5.2 Psychopathology and Abnormal Psychology
		5.2.1 Classifying Psychopathology
		5.2.2 Mental Disorder
	5.3 Online Benefits, Risks, and Security Behavior
		5.3.1 Benefits of Online Interaction
		5.3.2 Risks of Online Interaction
		5.3.3 Cyber Security Behaviors
	5.4 Understanding Users’ Mental Disorders
		5.4.1 Neurodevelopmental Disorders
		5.4.2 Schizophrenia Spectrum and Other Psychotic Disorders
		5.4.3 Bipolar and Related Disorders
		5.4.4 Depressive Disorders
		5.4.5 Anxiety Disorders
		5.4.6 Obsessive–Compulsive and Related Disorders
		5.4.7 Neurocognitive Disorders
		5.4.8 Personality Disorders
		5.4.9 Summary of Mental Disorders
	5.5 Conclusion
	References
6 Process Ontology Approach to Military Influence Operations
	6.1 Introduction
	6.2 Modern Influence Environment
	6.3 Psychology of Modern Influence Practices
	6.4 Influence in Warfare
	6.5 Military Influence Operations
	6.6 Process Ontology Approach
	6.7 Conclusion
	References
Part II Critical Infrastructure Protection
7 Future Smart Societies’ Infrastructures and Services in the Cyber Environments
	7.1 Introduction
	7.2 Smart City Communication Infrastructures
	7.3 Cyber Threats and Risks in the Future Network Environments of Smart Cities
	7.4 Cyber Threat Risks and the QFD Model
	7.5 Performing and Modelling Threat Analyses
	7.6 Conclusions and Future Work
		7.6.1 Conclusions
		7.6.2 Future Work
	References
8 Cyber Security in Healthcare Systems
	8.1 Introduction
	8.2 Hospital as a Cyberspace
		8.2.1 Hospital and Cyber World Layers
		8.2.2 Hospital Information Systems
		8.2.3 Medical Devices
	8.3 Cybersecurity Risks Related to Hospital Systems
		8.3.1 Data Breaches Against Hospital Systems
		8.3.2 Cyber Security Risks Related to Medical Devices
		8.3.3 Cyber-Attack Vectors Against Hospital
	8.4 Healthcare Cybersecurity
		8.4.1 Best Practices
		8.4.2 Cybersecurity of Medical Devices
		8.4.3 New Technology to Help
		8.4.4 Hospital Cybersecurity Architecture
	8.5 Conclusion
	References
9 Cyber Security of an Electric Power System in Critical Infrastructure
	9.1 Introduction
	9.2 Organization’s Cyber Structure
		9.2.1 Structure of an Organization’s Cyber World
		9.2.2 Structure of an Electricity Organization’s Cyber Environment
	9.3 Main Cyber Security Threats in an Electricity Organization
	9.4 Organization’s Decision-Making Levels and System View
		9.4.1 System-Level View of Organization’s Cyber Security
		9.4.2 Systems Views and Trust-Enhancing Measures
	9.5 Implementing Measures to Enhance Cyber Trust
		9.5.1 Trust-Enhancing Measures
		9.5.2 Risk Analysis
		9.5.3 Resilience Adding Operations
		9.5.4 PDCA Method as a Tool for Developing Activities
	9.6 Conclusion
	References
10 Maritime Cybersecurity: Meeting Threats to Globalization’s Great Conveyor
	10.1 Introduction
	10.2 Seaborne Commerce and Sea Control: Lessons from the Last Century
	10.3 Cybersecurity and the Maritime System
		10.3.1 Cyber Issues for Maritime Vessels
		10.3.2 Cyber Issues in Port Operations
	10.4 Law, the Sea, and Cyberspace
	10.5 Relevant Public Policy
		10.5.1 US Cyber Security Policy Guidance
		10.5.2 International Cybersecurity Guidance
	10.6 Conclusion and Prescriptions
		10.6.1 Directions for Public Policy
		10.6.2 Research and Education
	References
11 Cyberattacks Against Critical Infrastructure Facilities and Corresponding Countermeasures
	11.1 Introduction
	11.2 Critical Infrastructure and Resilience
	11.3 Cyber-Physical Systems
	11.4 Cybersecurity
	11.5 Artificial Intelligence and Machine Learning
	11.6 Cyberattacks Against Critical Infrastructure Facilities
		11.6.1 Adversarial Attacks
		11.6.2 DoS and DDoS Attacks
		11.6.3 False Data Injection (FDI) Attacks
		11.6.4 Malware Attacks
		11.6.5 Phishing Attacks
	11.7 Defensive Mechanisms Against Cyberattacks
		11.7.1 Defending Against Adversarial Attacks
		11.7.2 Defending Against DoS and DDoS Attacks
		11.7.3 Defending Against False Data Injection (FDI) Attacks
		11.7.4 Defending Against Malware Attacks
		11.7.5 Defending Against Phishing Attacks
	11.8 Conclusion
	References
12 Saving Lives in a Health Crisis Through the National Cyber Threat Prevention Mechanism Case COVID-19
	12.1 Introduction
	12.2 Problem Formulation
	12.3 Challenges in the Decision-Making Process with COVID-19
		12.3.1 Situation in Finland
		12.3.2 Case Vastaamo
	12.4 Central Concepts
		12.4.1 Artificial Intelligence
		12.4.2 Legislation and Regulation
		12.4.3 Situational Awareness
		12.4.4 Elements of Critical Infrastructure
	12.5 Previous Works
	12.6 Findings
	12.7 Discussion and Conclusions
	References
13 Information Security Governance in Civil Aviation
	13.1 Introduction
		13.1.1 Information Security Management
		13.1.2 Governance in Information Security Management
	13.2 Information Security Management in Civil Aviation
		13.2.1 Concept of Safety Management in Civil Aviation
		13.2.2 Concept of Security Management in Civil Aviation
		13.2.3 Concept of Cybersecurity in Civil Aviation
	13.3 Information Security Management Governance in Civil Aviation
		13.3.1 Definitions
		13.3.2 Concepts
		13.3.3 Principles
	13.4 Conclusions
	References
14 Smart Cities and Cyber Security Ethical and Anticipated Ethical Concerns
	14.1 Introduction
	14.2 Smart Cities and Cyber Security
	14.3 Smart Cities and Ethics
	14.4 Smart Cities, Technology, and Anticipatory Ethics
	14.5 Technologies Essential to the Development of Smart Cities
	14.6 Smart Cities and Anticipated Ethical Issues
	14.7 Smart Cities and Anticipated Cyber Security Risks
	14.8 Applied Anticipatory Ethics
	14.9 Rules for Computing Applied Artifacts
	14.10 Conclusion
	References
15 TrulyProtect—Virtualization-Based Protection Against Reverse Engineering
	15.1 Introduction
	15.2 Virtualization in ×86 and ARM
		15.2.1 ×86
		15.2.2 ARM
	15.3 Encrypted Code Execution
		15.3.1 Starting a Hypervisor
		15.3.2 Creating the Root of Trust
		15.3.3 Protection Against Cache Coherence Attacks
		15.3.4 DED Cycles
	15.4 System Implementation
		15.4.1 Protection of Native Code
		15.4.2 Protection of Managed Code
		15.4.3 Protection of Linux Code
		15.4.4 Protection of Windows Code
		15.4.5 Protection Under Intel
		15.4.6 Protection Under AMD
		15.4.7 Protection Under ARM
		15.4.8 Protection for Rich Media
		15.4.9 Future Work
	15.5 Related Work
		15.5.1 Protection Based on CPU Features
		15.5.2 Process-Virtualization Based Obfuscators
		15.5.3 Hypervisor Based Protection of Other Contents
	15.6 Conclusions
	References
Part III Computational Methods and Applications
16 Refining Mosca’s Theorem: Risk Management Model for the Quantum Threat Applied to IoT Protocol Security
	16.1 Introduction
	16.2 Quantum Computation and C(I)IP
	16.3 QC Threat Model
		16.3.1 General
		16.3.2 Timescales and Resources
		16.3.3 Strength of Quantum Resilient Solutions
		16.3.4 QC Threat Levels
	16.4 IoT Protocols
	16.5 Cryptographic Primitives in IoT Protocols
	16.6 QC Threat Assessment for IoT Protocols
	16.7 Quantum Resilience in IoT
	16.8 IoT Protocol Risk Assessment
	16.9 Conclusions
	References
17 Intelligent Solutions for Attack Mitigation in Zero-Trust Environments
	17.1 Introduction
	17.2 Intrusion Detection with Deep Learning
	17.3 Deep Reinforcement Learning
	17.4 Traffic Generation
	17.5 Software-Defined Networking and Network Function Virtualization
	17.6 Prototype Environment
	17.7 Conclusion and Future Work
	References
18 Insecure Firmware and Wireless Technologies as ``Achilles\' Heel\'\' in Cybersecurity of Cyber-Physical Systems
	18.1 Introduction
	18.2 ADS-B in Air Transport
		18.2.1 ADS-B in General
		18.2.2 ADS-B in Detail
		18.2.3 ADS-B Attacker and Threat Models
		18.2.4 Implementation of a Wireless Attack
		18.2.5 Key Results
	18.3 Wireless Firing Systems for Remote Explosives  and Robotic Weapons
		18.3.1 Main Motivations
		18.3.2 Overview of Fireworks and Pyrotechnics Systems
		18.3.3 Preliminary Analysis
		18.3.4 Wireless Threats
		18.3.5 Implementing a Wireless Attack
		18.3.6 Main Outcomes
	18.4 CCTV for Physical Security
		18.4.1 CCTV in General
		18.4.2 Visual-Layer Attacks
		18.4.3 Covert-Channel Attacks
		18.4.4 Denial-of-Service and Jamming Attacks
		18.4.5 Online Network Attacks
		18.4.6 Key Takeaways
	18.5 Conclusions
	References
19 Physical Weaponization of a Smartphone by a Third Party
	19.1 Introduction
	19.2 Remote Destruction of the Smartphone
	19.3 Categorical Framework for Smartphone Dangers
		19.3.1 Characteristics of Attack Effect
		19.3.2 Attack Vectors
		19.3.3 Attack Perpetrators
		19.3.4 Weaponizable Components
		19.3.5 Attack Effects
	19.4 Nation State as a Bad Actor
	19.5 Counterfeit Smartphones
	19.6 Discussion
	19.7 Conclusion
	19.8 Appendix: Threat Analysis
	References
20 Practical Evasion of Red Pill in Modern Computers
	20.1 Introduction
	20.2 Background
		20.2.1 Hypervisors and Thin-Hypervisors
		20.2.2 ×86 Virtualization
		20.2.3 Rootkits and Bootkits
		20.2.4 Hypervisors, Forensics and Cyber Security
		20.2.5 Kennell’s Timing Method and Derived Attacks
	20.3 Local Red Pills
		20.3.1 Paranoid Fish and Other Modern Red Pills
		20.3.2 Paranoid Fish Timing Tests
		20.3.3 Paranoid Fish Timing Tests in User-Mode
		20.3.4 Paranoid Fish Timing Tests in Kernel-Mode
	20.4 Conclusion
	References
21 Malware Analysis
	21.1 Introduction
	21.2 Static Analysis
	21.3 Dynamic Analysis
		21.3.1 Memory Acquisition
		21.3.2 Behavioral Analysis
		21.3.3 Evasion
	21.4 Conclusion
	References