To the relevance of the general topic pointed out in this module, critical infrastructure, and specifically Electric grid, I would like to pick two activities out of the six malicious cyber-activities identified by the Information Systems Audit and Control Association (ISACA).
Malicious Code: is a code inserted in a software system or web script intended to cause undesired effects, security breaches or damage to a system. A common malicious code that exploits and targets the security vulnerability of a system can include computer viruses, worms, Trojan horses, logic bombs, spyware, adware, and backdoor programs. Now many critical infrastructure, electric grid for example is monitored by multiple and complex control systems. The previously manually operated systems are now connected through a sophisticated advanced technology transmission controls which greatly contribute to the chances of cyber-attack. Specially now, with the increase in connectivity of the internet of things, attacking and disrupting these control systems from the comfort of your home is real more than ever. In the history of the internet, one of the most knows and popular story is the Stuxnet incident. Stuxnet is a malicious worm infiltrated to target supervisory control and data acquisition (SCADA) systems of the Iranian nuclear program diploid from other countries and the damage was enormous.
Denial of service: is another cyber-related activity in which an attacker or a perpetrator attempted to subject a machine or a network resource unreachable to a legitimate user for temporary or permanent period of time. This attack is intended to saturate or stress a system to a point of a crash by flooding it with loads of packets. For the related case of electric grid, denial of service attacks has practically and successfully shown to interrupt electric systems in US states of Utah and California in March, 2019 (CNBC news). Generally denial of service attack is one of the most harmful attack which can do a lot of damage to critical infrastructure ,equally to electric power systems.
Reference:
–https://www.cnbc.com/2019/05/02/ddos-attack-caused-interruptions-in-power-system-operations-doe.html