Monday, December 9, 2019

Security Analysis for Cyber Physical Systems

Question: Discuss the Security Analysis for Cyber Physical Systems.

Answer:

Introduction: Security breaches are very common nowadays. Because everything is digital, it has become easy for hackers to get into anyone's system with just a few lines of code. One such incident has been reported in which a China-based hacker group named Iron Tiger recently switched to a new target, leaving its victims in Asia-Pacific to steal terabytes of confidential data from US firms and government contractors. They started their hacking on US defense contractors, having initially kept spying on politicians and government agencies based in China, Hong Kong, the Philippines and Tibet. However, the group has recently shifted its target to US firms working mainly in the aerospace, energy, intelligence, telecoms and nuclear industries. Reports claim that the group holds over fifty-eight gigabytes of data, all of it stolen from a single target. It is said that terabytes of data have been taken from all these firms by the hackers. They used services provided by BlogSpot and Google Cloud Platform to make all this happen ("Forbes Welcome", 2015).

They started with the most basic method, which is sending emails that contained malicious links, and they code-named it Iron Tiger. They used various means of attack, including spear-phishing emails sent to various parties in the firms, and in this way they cornered government officials, executives, engineers and PR teams, and the news gained huge popularity (Paganini, 2015). The attackers were smart: the mails they sent looked like genuine mails. They took their time and planned everything rather than rushing into things (Agnarsson, Greenlaw & Kantabutra, 2016).
They sent mails to these officials with professional and sometimes personal subjects attached, whichever looked appropriate, so that the target would feel safe opening the links. Some mails claimed to be from the mayor of some other country who wanted to do business with them or to promote something. These mails looked quite genuine, and the officials clicked on them. The cleverest part is that in some cases there was no visible evidence that a malicious link could have been included (Ashok et al., 2015). Unknowingly, the victims opened these mails as well as the links in them.

The hackers included a web bug that was hidden so well within the mail that most users would ignore it, but that bug gave the hackers important information such as the victim's IP address, operating system and browser details. Some other mails contained a script that ran in the background as soon as the mail was opened, without the user knowing. The most interesting part is that they breached the systems in 2013 but continued to monitor them and made no move until 2015, when they took terabytes of data from these systems (Dutt, Ahn & Gonzalez, 2013).

It is suspected that China is the home base of these attackers, as all the VPNs they were using lead directly to China. The file names and the passwords they used to encrypt the data were also in Chinese. The language IDs set in the malware binaries were Simplified Chinese. The main things that led to the conclusion that the hacker group is from China are that the tools, such as the HUC Packet Transmit Tool, were used by the Chinese only, and that the links used to send the emails were registered with a physical address in China.
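The web bug, background script and disguised links described above are things a mail filter can look for before a message reaches the reader. The following is an added example, not code from the original post or from any vendor; the class name, function name, finding labels and sample hosts are hypothetical.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import re

class MailBodyScanner(HTMLParser):
    """Flags remote web bugs, scripts and links whose text hides the real host."""
    def __init__(self):
        super().__init__()
        self.findings = []
        self._href, self._text = None, []   # state of the <a> currently open

    @staticmethod
    def _tiny_or_hidden(a):
        tiny = any(a.get(k, "").strip() in ("0", "1") for k in ("width", "height"))
        style = a.get("style", "").replace(" ", "").lower()
        return tiny or "display:none" in style or "visibility:hidden" in style

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "img":
            src = a.get("src", "")
            if urlparse(src).scheme in ("http", "https") and self._tiny_or_hidden(a):
                self.findings.append(("web_bug", src))
        elif tag == "script":
            self.findings.append(("script", a.get("src", "inline")))
        elif tag == "a":
            self._href, self._text = a.get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            shown = re.search(r"https?://[^\s<>\"]+", "".join(self._text))
            if shown and urlparse(shown.group()).hostname != urlparse(self._href).hostname:
                self.findings.append(("link_mismatch", self._href))
            self._href = None

def scan_mail_html(html):
    scanner = MailBodyScanner()
    scanner.feed(html)
    return scanner.findings

# Constructed sample body; the example.* hosts are placeholders.
SAMPLE = """<p>The mayor's office invites you to a trade event.</p><script>void 0</script>
<a href="http://tracker.example.net/r?id=42">https://cityhall.example.org/invite</a>
<img src="http://tracker.example.net/o.gif?u=42" width="1" height="1">
<img src="https://cityhall.example.org/logo.png" width="120" height="40">"""
```

A remote 1x1 or hidden image is what reports the reader's IP address and browser details when the mail is rendered, which is why many mail clients block remote images by default.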
Some other information pointed the same way, namely that QQ, Lofter and 163.com are very popular in China only. The problem mainly occurred due to the ongoing tension between the two nations. It simply started with a mail that contained malicious links, a web bug or a script, which are very basic tools that any hacker can use to get into another's system (Gao, Zhong & Mei, 2015).

The problem could have been avoided if the officials had not opened those mails, or had consulted their higher officials before opening them. In order to catch these hackers, the firms should set a series of honey traps that look like vulnerabilities but are actually traps to track the IP address. They relied on only a single system, which is why they are facing problems. They should have made their security much stronger and layered a series of security measures over the network rather than a single strong one. They should also filter their mails and get them checked before opening them. Before opening any mail they should cross-check it, and they should run a system check on a regular basis; if any fault is found, it needs to be resolved as soon as possible (Green & Xia, 2016).

Apple is considered the biggest manufacturer of mobile phones and holds seventy percent of the market. Apple claims that the security features it provides are the best in class due to the encryption present, and also claims that Apple does not store any data, as all data that a user sends or uploads goes directly to the cloud, from where it is nearly impossible to break through. But in 2014, a hacker named Ryan Collins hacked into iCloud and got the private and intimate pictures that most celebrities had stored there ("We Still Don't Have Assurance From Apple That iCloud Is Safe", 2014). The pictures stolen from iCloud were published on Reddit and Imgur, from where they spread like wildfire. Many celebrities were affected by this act (Judge, 2014).
There was a vulnerability that allowed the hacker to make innumerable attempts at providing basic information, even after failing the first time (Kwon, Liu & Hwang, 2013). This fault was not detected by any Apple security personnel, and the hacker used it to his advantage. He tried phishing, which gained him unlimited access to the iCloud security feature, got access to multiple user accounts and stole all their private information. He sent multiple emails to multiple users saying that their account had been compromised and that they needed to reset their password and mail id in order to safeguard their personal details. The users were unaware that this was not an official company mail but a private mail from the hacker, and so the hacker got all the information he needed to get into the system (Mancuso et al., 2014). He later logged in to iCloud with these usernames and passwords and got instant access to the data, which he stole and published over the internet for the whole world to see.

Recently the same kind of incident happened again, termed 2.0, where celebrities' personal pictures were stolen once more. In response, Apple said that they are trying their level best to cope with the situation, but it is too late now. The victims were mainly the celebrities whose personal pictures were published all over the internet and also broadcast over the news. It happened mainly due to the ignorance of the users, as they did not care to ask the company about all this and went on changing their passwords, which were then redirected to the hacker, who got authorization for all the data present (Rid & Buchanan, 2015). Apple claimed that their security was top of the line and that no other user could penetrate it.
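The flaw described above, a login or recovery endpoint that accepts unlimited attempts, is closed by throttling failed attempts per account. The following is an added example, not Apple's mechanism or code from the original post; the class name, thresholds and the sample account are assumptions chosen for illustration.

```python
from collections import defaultdict, deque

class LoginThrottle:
    """Per-account limiter: at most max_failures failed attempts per window,
    then a lockout that doubles on each repeat (all values are illustrative)."""
    def __init__(self, max_failures=5, window=300, base_lockout=60):
        self.max_failures, self.window, self.base_lockout = max_failures, window, base_lockout
        self.failures = defaultdict(deque)   # account -> timestamps of recent failures
        self.locked_until = {}               # account -> time the lockout ends
        self.strikes = defaultdict(int)      # account -> number of lockouts so far

    def allowed(self, account, now):
        return now >= self.locked_until.get(account, 0)

    def record(self, account, success, now):
        """Register an attempt; returns False when it is rejected by a lockout."""
        if not self.allowed(account, now):
            return False                     # rejected without evaluating the password
        if success:
            self.failures.pop(account, None)
            self.strikes.pop(account, None)
            return True
        recent = self.failures[account]
        recent.append(now)
        while recent and recent[0] <= now - self.window:
            recent.popleft()                 # forget failures outside the window
        if len(recent) >= self.max_failures:
            lock = self.base_lockout * 2 ** self.strikes[account]
            self.strikes[account] += 1
            self.locked_until[account] = now + lock
            recent.clear()
        return True

def replay(attempts, throttle):
    """Feed (time, account, password_ok) tuples; return how many were evaluated."""
    return sum(throttle.record(acct, ok, t) for t, acct, ok in attempts)

# Constructed trace: 100 wrong guesses against one account, one per second.
GUESSES = [(t, "victim@example.com", False) for t in range(100)]
```

With these settings only 10 of the 100 constructed guesses are ever evaluated, and the account stays locked until 188 seconds into the trace.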
For this type of attack, the hacker used the most basic hacking tool, phishing, where he forwarded a mail to all the users saying that their mail id and password had been changed (Steinmetz, 2016). The mail had a malicious link and a script that runs in the background, a fact the user was unaware of. It monitors the whole system, records all the activities of the user and sends a report of the logs directly to the hacker (Wells et al., 2014). In this way the hacker got access to all the users' accounts and carried out the rest from there.

The attack could have been avoided if the users had not followed what was written in the mail and had first contacted the company for further details. Before clicking on the link, they should also have cross-checked whether it was genuine. Besides the users' fault, Apple is also at fault: it should provide 2FA, that is, two-factor authentication, so that while logging in the user needs to set a unique password or an OTP is sent to the user's mail id, without which the second stage of authentication cannot be completed (Gao, Zhong & Mei, 2015). If they had incorporated this in their system, the mishap could have been avoided. They should also do a maintenance check on a regular basis in order to find any vulnerability, and if one is found, it needs to be taken care of immediately. Users should update their passwords on a regular basis to keep all this from happening. The company should also add more security features to secure the data present and should encrypt all data that is sent or uploaded (Ashok et al., 2015). Encryption makes the data more secure and harder to obtain, so it would be difficult for hackers to know what the real data is even if they manage to get their hands on it.

References

Agnarsson, G., Greenlaw, R., & Kantabutra, S. (2016). On cyber attacks and the maximum-weight rooted-subtree problem. Acta Cybernetica, 22(3), 591-612.

Ashok, A., Wang, P., Brown, M., & Govindarasu, M. (2015, July). Experimental evaluation of cyber attacks on automatic generation control using a CPS security testbed. In Power & Energy Society General Meeting, 2015 IEEE (pp. 1-5). IEEE.

Dutt, V., Ahn, Y. S., & Gonzalez, C. (2013). Cyber situation awareness: Modeling detection of cyber attacks with instance-based learning theory. Human Factors: The Journal of the Human Factors and Ergonomics Society, 55(3), 605-618.

Forbes Welcome. (2015). Forbes.com. Retrieved 8 April 2017, from https://www.forbes.com/sites/lisabrownlee/2015/09/17/chinese-cyber-attacks-on-us-military-interests-confirmed-as-advanced-persistent-and-ongoing/#102fc25e694f

Gao, X., Zhong, W., & Mei, S. (2015). Security investment and information sharing under an alternative security breach probability function. Information Systems Frontiers, 17(2), 423-438.

Green, D., & Xia, H. (2016). Analysis of Security Breach Notification Law in the United States.

Judge, A. (2014). iCloud hacking scandal sees photos of A-list celebrities leaked on 4chan. IT Pro Portal. Retrieved 8 April 2017, from https://www.itproportal.com/2014/09/01/icloud-hacking-scandal-sees-naked-photos-of-a-list-celebrities-leaked-on-4chan/

Kwon, C., Liu, W., & Hwang, I. (2013, June). Security analysis for cyber-physical systems against stealthy deception attacks. In American Control Conference (ACC), 2013 (pp. 3344-3349). IEEE.

Mancuso, V. F., Strang, A. J., Funke, G. J., & Finomore, V. S. (2014, September). Human factors of cyber attacks: A framework for human-centered research. In Proceedings of the Human Factors and Ergonomics Society Annual Meeting (Vol. 58, No. 1, pp. 437-441). SAGE Publications.

Paganini, P. (2015). Operation Iron Tiger, hackers target US Defense Contractors. Security Affairs. Retrieved 8 April 2017, from https://securityaffairs.co/wordpress/40199/cyber-crime/operation-iron-tiger.html

Rid, T., & Buchanan, B. (2015). Attributing cyber attacks. Journal of Strategic Studies, 38(1-2), 4-37.

Steinmetz, K. F. (2016). Hacked: A Radical Approach to Hacker Culture and Crime. NYU Press.

We Still Don't Have Assurance From Apple That iCloud Is Safe. (2014). Business Insider. Retrieved 8 April 2017, from https://www.businessinsider.in/We-Still-Dont-Have-Assurance-From-Apple-That-iCloud-Is-Safe/articleshow/41569372.cms

Wells, L. J., Camelio, J. A., Williams, C. B., & White, J. (2014). Cyber-physical security challenges in manufacturing systems. Manufacturing Letters, 2(2), 74-77.
