The attack on the U.S. power grid in 2003, which caused 11 deaths, an estimated $6 billion in economic damages and disruption of the power supply over a wide area for at least 2 days; the December 2015 attack on the Prykarpattyaoblenergo Control Center (PCC) in the Ivano-Frankivsk region of Western Ukraine, which left 230,000 people without power for up to 6 hours; and the recent attack on the largest nuclear power station in Kudankulam, in the state of Tamil Nadu in India, highlight the goals of modern adversaries and underscore their desire to cause physical damage through cyber means. They serve as a critical warning and alarm for everyone, including the governments, establishments and staff that have the responsibility to protect these critical infrastructures.
According to the 2015 "Dell Security Annual Threat Report," cyber-attacks against SCADA systems doubled in 2014 to more than 160,000.
The power sector in particular has shown itself to be vulnerable: Industrial Control Systems are targeted by exploiting the weakest link in the cyber defense network, with an attack disguised as a legitimate email finding a back door into the SCADA system.
SCADA systems rely heavily on communication infrastructure subsystems. Besides availability, most of these communication subsystems have to provide communication authenticity and integrity. In terms of vulnerabilities and impact, the Stuxnet attack dispelled the perception that a cyberattack could only affect information technology systems. In fact, Stuxnet demonstrated how a cyberattack could compromise “air-gapped” security measures, kinetically impact industrial control production and safety systems, and result in the physical destruction of critical equipment.
Undesirable consequences can be caused by access to vital networks through both authorized and unauthorized methods, including copying and stealing of confidential SSL traffic from the fibers. Better cyber awareness, training, and processes can reduce vulnerabilities. However, organizations will not be able to stop a determined adversary without a new paradigm that brings detection and prevention capabilities to the security team.
Quantum key distribution (QKD) is a technology that uses the principles of quantum mechanics to detect and prevent copying and stealing of encryption keys on the network. QKD ensures that any attempt to steal encryption keys is immediately detected by the QKD nodes, which then destroy the compromised key, making it inaccessible even to the most persistent hackers.
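The detect-and-discard behaviour described above, as an added sketch that is not from the original article or from any QKD product: it assumes the BB84 protocol (the article does not name one), an ideal noiseless channel and an 11% error-rate abort threshold, and `run_bb84`, `measure` and `QBER_THRESHOLD` are hypothetical names.

```python
import random

QBER_THRESHOLD = 0.11  # assumed abort threshold for the sampled error rate

def measure(bit, prep_basis, meas_basis, rng):
    """Same basis returns the encoded bit; a mismatched basis gives a random result."""
    return bit if prep_basis == meas_basis else rng.randint(0, 1)

def run_bb84(n_photons, eavesdrop, seed):
    """Simulate one key exchange. Returns (qber, key); key is None if discarded."""
    rng = random.Random(seed)
    alice_bits = [rng.randint(0, 1) for _ in range(n_photons)]
    alice_bases = [rng.randint(0, 1) for _ in range(n_photons)]
    bob_bases = [rng.randint(0, 1) for _ in range(n_photons)]
    bob_bits = []
    for bit, basis, b_basis in zip(alice_bits, alice_bases, bob_bases):
        if eavesdrop:
            # Tap on the fiber outside the perimeter: measuring in a random
            # basis and re-sending disturbs the state Bob receives.
            e_basis = rng.randint(0, 1)
            bit = measure(bit, basis, e_basis, rng)
            basis = e_basis
        bob_bits.append(measure(bit, basis, b_basis, rng))

    # Sifting: keep only positions where Alice and Bob chose the same basis.
    sifted = [i for i in range(n_photons) if alice_bases[i] == bob_bases[i]]
    rng.shuffle(sifted)
    half = len(sifted) // 2
    sample, keep = sifted[:half], sifted[half:]
    if not sample:
        raise ValueError("too few photons to estimate the error rate")

    # Publicly compare the sampled bits; they are never used as key material.
    errors = sum(alice_bits[i] != bob_bits[i] for i in sample)
    qber = errors / len(sample)
    if qber > QBER_THRESHOLD:
        return qber, None  # disturbance detected: the whole key is destroyed
    return qber, [bob_bits[i] for i in keep]

if __name__ == "__main__":
    for tapped in (False, True):
        qber, key = run_bb84(2000, eavesdrop=tapped, seed=1)
        status = "key discarded" if key is None else f"{len(key)} key bits kept"
        print(f"tapped={tapped} qber={qber:.3f} {status}")
```

In this model an intercept-resend tap on every photon produces an error rate near 25% in the sampled bits, well above the threshold, so the nodes discard the key before it is ever used.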
It is of the greatest importance to secure the authenticity of the messages in the WAN, but to prevent specific malicious attacks it may also be required to relay certain messages encrypted and integrity-protected. These properties shall be ensured using cryptographic keys distributed with QKD.
The critical infrastructure operator is responsible for the uninterrupted and undisturbed availability of the critical infrastructure. The infrastructure operator owns the network nodes, and the QKD links or the QKD network. The infrastructure operator owns the connecting fiber infrastructure or leases it from a carrier.
The Alice and Bob devices are located inside the security perimeter of the critical infrastructure operator and are under its effective control. The fiber between the Alice and Bob devices is located outside that security perimeter and is not under the effective control of the critical infrastructure operator.
The critical infrastructure operator has to create, share and manage the cryptographic keys autonomously to achieve the highest level of security for cryptographic key distribution, encryption, and authentication.