
Information Cyber Security

No matter the size of your organization, advanced cyber-attacks, such as
Advanced Persistent Threats, represent a credible threat and risk to your
organization. Whether a cybercriminal, disgruntled activist, competitor or
nation-state actor, Chief Information Security Officers (CISOs) must address
the risk these adversaries pose to their organization.
Information security research and analysis firm Securosis presents a four-step
process in their eBook, The CISO's Guide to Advanced Attackers:
Gather intelligence
Mine for cyber threat indicators
Respond to information security alerts
Break the kill chain or cyber-attack process
Dell SecureWorks can help you at every step:
Global threat intelligence from our Counter Threat Unit (CTU) about emerging
cyber threats against your organization
Threat hunting services to mine deep within the environment for threat
indicators
Active incident responders contain the advanced threat and break the kill
chain
About Dell SecureWorks
Dell SecureWorks is a market-leading provider of world-class information
security services with thousands of customers worldwide. Organizations of all
sizes, including more than 15 percent of the Fortune 500, rely on Dell
SecureWorks to protect information assets, improve compliance and reduce costs.

Threats Cyber Security


The pervasiveness of the Internet has created significant personal,
organizational, and infrastructure dependencies that are not confined by
national borders. Globalization and the advent of the Information Age have
empowered individuals, national subgroups, and non-state actors. Disruptive
attacks can be perpetrated not only by nation-states, but also by national
opposition groups, ideological radicals, terrorist organizations, and
individuals. Several sorts of threats emerge from this new environment, each
with varying levels of national security concern. The first is the threat of
disruption of communication flows, economic transactions, public information
campaigns, electric power grids, and political negotiations. Second is the
threat of exploitation of sensitive, proprietary, or classified information. Third
is the threat of manipulation of information for political, economic, military, or
trouble-making purposes. And last is the threat of destruction of information
or, potentially, of critical infrastructure components that can have deleterious
economic and national security consequences. Government can improve
cooperation with the private sector through information sharing on
vulnerabilities; continued facilitation of discussions within industry sectors;
and through national coordination for cyber concerns and alerts. Government
can also provide specific incentives to the private sector to better protect its
systems by establishing liability limits against disruption of service for
companies using security best practices; and providing specific awards or
credits for information leading to hacker arrests. Government can also
increase its credibility with the private sector by taking certain internal
measures by agreeing on a clear definition of the problem and a clear
delineation of responsibilities; improving education and training of
professionals and government employees; and working toward
comprehensive legislation for international collaboration for the prevention
and prosecution of cyber crimes. 29 footnotes

Measures Cyber Security


In this paper, we analyze the cyber security of state estimators in Supervisory
Control and Data Acquisition (SCADA) systems operating in power grids. Safe
and reliable operation of these critical infrastructure systems is a major
concern in our society. In current state estimation algorithms there are bad
data detection (BDD) schemes to detect random outliers in the measurement
data. Such schemes are based on high measurement redundancy. Although
such methods may detect a set of very basic cyber attacks, they may fail in
the presence of a more intelligent attacker. We explore the latter by
considering scenarios where deception attacks are performed, sending false
information to the control center. Similar attacks have been studied before for
linear state estimators, assuming the attacker has perfect model knowledge.
Here we instead assume the attacker only possesses a perturbed model.
Such a model may correspond to a partial model of the true system, or even
an outdated model. We characterize the attacker by a set of objectives, and
propose policies to synthesize stealthy deception attacks, both in the case of
linear and nonlinear estimators. We show that the more accurate the model the
attacker has access to, the larger the deception attack he can perform
undetected. Specifically, we quantify trade-offs between model accuracy and
possible attack impact for different BDD schemes. The developed tools can
be used to further strengthen and protect the critical state-estimation
component in SCADA systems.
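
A small numeric illustration of the residual-based BDD check described above, added here and not taken from the paper: the 4-measurement model H, the threshold, the perturbation D and all values are constructed assumptions. It shows what the detector sees in three cases: an isolated outlier raises the residual, a bias consistent with the exact model leaves it at zero, and the residual grows in proportion to the error in the model used to build the bias.

```python
# Constructed 2-state, 4-measurement linear model z = H x (illustrative values only).
H = [[1.0, 0.0], [0.0, 1.0], [1.0, 1.0], [1.0, -1.0]]
X_TRUE = [1.0, 0.5]
THRESHOLD = 0.1  # assumed BDD alarm threshold on the residual norm

def matvec(M, v):
    return [sum(m * x for m, x in zip(row, v)) for row in M]

def estimate(z):
    """Least-squares state estimate from the normal equations (2x2 solve)."""
    a = sum(r[0] * r[0] for r in H)
    b = sum(r[0] * r[1] for r in H)
    d = sum(r[1] * r[1] for r in H)
    g0 = sum(r[0] * zi for r, zi in zip(H, z))
    g1 = sum(r[1] * zi for r, zi in zip(H, z))
    det = a * d - b * b
    return [(d * g0 - b * g1) / det, (a * g1 - b * g0) / det]

def residual_norm(z):
    """||z - H x_hat||: the quantity a residual-based BDD test thresholds."""
    fit = matvec(H, estimate(z))
    return sum((zi - fi) ** 2 for zi, fi in zip(z, fit)) ** 0.5

def bdd_alarm(z):
    return residual_norm(z) > THRESHOLD

def with_outlier(size=1.0):
    """Random-outlier case: one measurement is corrupted on its own."""
    z = matvec(H, X_TRUE)
    z[2] += size
    return z

def with_model_consistent_bias(model_error, shift=(0.3, -0.2)):
    """Bias a = H_tilde * shift, where H_tilde = H + model_error * D is the
    perturbed model the abstract describes (D is a constructed perturbation)."""
    D = [[1.0, 0.0], [0.0, -1.0], [0.0, 0.0], [0.0, 0.0]]
    H_tilde = [[h + model_error * p for h, p in zip(hr, dr)] for hr, dr in zip(H, D)]
    bias = matvec(H_tilde, list(shift))
    return [zi + bi for zi, bi in zip(matvec(H, X_TRUE), bias)]

if __name__ == "__main__":
    print("outlier      ", round(residual_norm(with_outlier()), 4), bdd_alarm(with_outlier()))
    for err in (0.0, 0.1, 0.5):
        z = with_model_consistent_bias(err)
        print("model error", err, round(residual_norm(z), 4), bdd_alarm(z))
```

With the exact model the estimate moves by the full shift while the residual stays at zero, which is why redundancy-based BDD alone does not cover this case and why limiting knowledge of the measurement model matters to the defender.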
