Toggle navigation
Ask Questions
Ask
Answer Questions
Answer
Users
FAQ
Login
Register
Preview 50% of the Answer Below
Due to formatting, images, tables, or paragraphs may be out of place or not shown. Rest assured that they will be included and formatted correctly in your purchased answer.
Details
Question Title:
Outline the Cybersecurity issues and vulnerabili
Go Back to the Question
Answer Preview
<span class="Apple-tab-span"> </span>1.<span class="Apple-tab-span"> </span>Outline the Cybersecurity issues and vulnerabilities of the petrochemical industry. Include in your answer specific actions required to improve the security profile of this industry.</span></p> <p>Cybersecurity issues and vulnerabilities of the petrochemical industry include vulnerabilities at the informational technology (IT), operational technology (OT), production, plant and management level.<br></p> <p><span class="s1">At the IT level, IT equipment such as email servers can be compromised through techniques such as spear phishing emails,Trojanized software and watering hole websites.<span class="Apple-converted-space"> </span>This may occur through the insufficient implementation of security protocols such as HTTPS. According to a Symantec IT report, the hacker group Dragonfly was one such case, with Dragonfly's hackers using Trojanized software for intelligence gathering and sabotage purposes. Hackers are also able to exploit vulnerabilities in the use of mobile and remote devices to enter the mainframe of a petrochemical plant. If a petrochemical company has an outdated ICS network and security architecture, or flaws such asinsecure connectivity to internal and external networks, or use of technologies with previously documented vulnerabilities , then XXX petrochemical XXXXXXX XXX also XX classified XX XXXXXXXXXX XX the XX XXXXXXXXXXXXX level.</span></p> <p><span class="s1">At theOT level, hackers XXX access XXX petrochemical XXXXX’s operational technology (OT) network, XX was the case XXXX XXXXXXX, XXXXX XXXXXXXX the oil and gas industry’s programmable XXXXX XXXXXXXXXXX XXX XXXXX XXXXXXX. XXXXXX systems XXX XXXXXXXX control systems also pose a XXXXXX, XX hackers can exploit XXXXX older XXXXXXX more easily.</span></p> <p><span XXXXX="XX">XX XXX XXXXXXXXXX XXXXX, XXXXXXX XXX XXXXXX vulnerabilities in the XXXXXXXXXX XXXXX to disrupt utilities, overload petrochemical XXXXXXXXX XX XXXXXX or debilitate it, make XXXXXXXXXXXX changes to product quality, XXXXXXXX chambers XX create chemical spills, XXX XXXXXXXX XXXXXXXXX to XXXXXX XXXXXX violations.XXXXXXXXXXX, hackers can exploit XXX connections between onshore XXX offshore oil XXX XXX XXXXXXXXXX in order to gain XXXXXXXXXXXX XXXXXX at the production XXXXX.</span></p> <p><span XXXXX="XX">XX XXX plant XXXXX, hackers XXX XXXXXXX plant closures to gain access. XX a XXXXXXXXXXXXX company does XXX have the necessary measures to ensure that a XXXXX, when XXXXXX, is secured from external access, XXXXX XXXXXXXX can XXXXXXX valuable XXXXXXXXXXXXX for third XXXXXXX to gain access.</span></p> <p><span XXXXX="XX">XXXXXXX, XX XXX XXXXXXXXXX XXXXX, managers XXX XXXX XX promote XXXXXXX regulation and corporate XXXXXXXXX in XXXXXXXXXXXXX. XXXXXXXXXX may XXXX XXXXXX short in investing in XXXXXXX XXXXXXXXXXXXX systems by cybersecurity XXXXXXXXX such XX Symantec, XXX may not have implemented appropriate risk XXXXXXXXXX, threat vulnerability XXXXXXXXXX XXX emergency response XXXXXXX.</span></p> <p><span class="s1">XXXXXXXX actions required XX advance XXX security profile of this industry XXXXXXX generic and XXXXXXXX-XXXXXXXX measures. XXX generic measures, XXXXXXXXX XX XXX Center XXX Internet Security,generic actions XX XXXXXXX the security XX XXX XXXXXXXXXXXXX XXXXXXXX XXXXXXX an inventory of authorised XXXXXXX and XXXXXXXX, state-of-XXX-XXX secure XXXXXXXXXXXXXX XXX XXXXXXXX XXX XXXXXXXX, protections for XXXXX XXX XXX XXXXXXXX, anti-XXXXXXX XXXXXXXX XXXXXXXX, data recovery XXXXXXXX, data XXXXXXXXXX, XXXXXXXX access control, penetration XXXXX, limitation and control XX network ports, XXXXXXXXXXX and XXXXXXXXXX XX audit XXXX, XXXXXXXXXX and XXXXXXXXXX XXXXXX to administrator privileges. <span class="Apple-XXXXXXXXX-space"></span></span></p> <p><span XXXXX="XX">XXX XXXXXXXX XXXXXXXX, XXXXX include strict procedures XX regulate XXX use of XXXXXX XXXX XXXXXXX such as XXXXXX phones, a layered security XXXXXX to XXXXXX XXX connections between onshore and XXXXXXXX facilities XXXXXXXX, and an XXXXXXXXX response and XXXXXX XXXXXXXXXX system XXX petrochemical XXXXX XXXXXXXX.</span></p> <p><span class="XX">2. XXXXX XXXXXX’s assessment from XXXXXXXXXX ofCyber War: XXX XXXX XXXXXXX XX XXXXXXXX XXXXXXXX XXX XXXX XX Do About XX, describe XXXXXXX’s potential best scenario XXX XX “XXXXXXXXX XXXXXXXX” to XXXXXX other nation’s XXXXXXXXXXXXXX. Feel XXXX XX provide ‘theoretical’ XXXXXXXXX XXX war-XXXXXXXXXXXXX that XXXXXXXXX serve our nation's XXXXXXX for XXXXXXXXXXXX a XXX’s XXXXXXXX infrastructure.</span></p> <p><span class="s1">Clarke’s XXXXXXXXXX XXXX XXXXXXXXXX XX‘Cyber War: XXX XXXX XXXXXXX XX XXXXXXXX XXXXXXXX XXX What XX Do XXXXX XX’ outlines possible scenarios from a U.S. government war-gaming XXXXXXXX XX XXXXXXXX cyberwarfare between the X.S. XXX XXXXX XXXX the South China Seas XXXXXXXX. XXXXXX XXXXX XXXX this is XXXXXXXXX today, XXXX XXX Department of XXXXXXX’s annual ‘XXXXX Storm’ war XXXXXX XXXXXXXXX XX a classic XXXXXXX, XXX he emphasizes the XXX XXXXXXXXXX of XXXXXXXXXX, going XXXXX, XXXXXX XXXXXXXXXXX XX battlefield, XXXXXXXXXX XX collateral damage, XXXXXXXXXXX, crisis XXXXXXXXXXX,<span class="Apple-XXXXXXXXX-XXXXX"> </span>XXX defensive XXXXXXXXX, which will XX XXXXXXXXXXXX in constructing America’s XXXXXXXXX XXXX XXXXXXXX XXX XX ‘XXXXXXXXX Cyberwar’ XX XXXXXX XXXXXXX XXXXXX’s XXXXXXXXXXXXXX. XXXX response will XXXXXXX XXXXXXX’s XXXX XXXXXXXX use of ‘XXXXXXXXX XXXXXXXX’ to attack Iran’s XXXXXXX infrastructure.<span XXXXX="XXXXX-converted-space"></span></span></p> <p><span class="s1">Assuming that XXXX XXX XXXXXXXXXX nuclear XXXXXXX XXXX America needs to XXXXXXX XXX XXXXXXX, XXXXXXX’s XXXX XXXX XXXXXXXX would XX XX quickly XXXXXX a preemptive XXXXXX XXXXXXX Iran’s XXXXXXX XXXXXXXXXX XXXXX pre-XXXX logic XXXXX XXXX XXXXXXXX XXXXXXX inspections conducted XXXXX XXX XXXXX XXXXXXXXXXXXXX, XXX then shore up its own XXXXXXXX cybersecurity XXXXXXXX in order to XXXXX collateral XXXXXX and XXXXXX instability. It XX also important for America XX XXXXXXXXX XXX role in XXX XXXXXX XXX XXXXX XXXXXXXXXXX, while also complementing XXX XXXXXXXXXX of XXX XXXXXXX nuclear XXXXXXXXXXXXXX XXXX XXX hijacking of Iranian XXXXX to broadcast pro-XXXXXXXX sentiments XX Iranian XXXXX channels. This best XXXX scenario would XXXXXX that XXXXXXX is able XX XXXXXXX XXX XXXXXXXXX XXXXXXX XXXXXXX nuclear XXXXXXXXXXXXXX, while remaining XXXXXXXXX XXX well defended XXXXXXX potential XXXXXXX XXXXXXXXX. It XX XXXX important for XXXXXXX to install XXXXXXXX tunnels XXXX Iranian XXXXXXXXXX, and to XXXX quickly to prevent Iran from XXXXXXXX packet flows, dropping XXXXXXXXXXXX or quarantining its XXXXXXXXXX altogether, XXX XX which will reduce the XXXXXXXX of this XXXXXXXXXX XXXXXXXX XXXXXXXX strategy. XXXXXXXXXXX, it XX crucial that American XXXX ensures that its XXXXXX, XXXX XX XXXXX Arabia XXX XXXXXX, XXX well defended XXXXXXX XXXXXXXXXXX attacks XX XXX Iranians XX American XXXXXX. XXXXXXX, America needs XX XXXXXX XXXX its own domestic cybersecurity XXXXXXXXXXXXXX, particularly XXXXXXXXXX critical infrastructure XXXX as banking XXX utilities, XXX well XXXXXXXX from XXXXXXX reprisals. <span class="XXXXX-XXXXXXXXX-XXXXX"></span></span></p> <p><span class="s1"></span> </p> <p><span class="s1">References</span></p> <p><span class="XX">XXXXXXXXX Polyakov, 'XXXXX XXXXXXXX Risks To Be XXXXX XX XX The XXX And XXX XXXXXXXXXX.' XXXXXX, XXXXX 3, XXXX.<a XXXX="XXXXX://www.forbes.com/XXXXX/XXXXXXXXXXXXXXXXX/2017/XX/03/XXXXX-security-risks-to-XX-aware-XX-in-the-oil-and-gas-XXXXXXXXXX/#beac5233f0a2"><span XXXXX="s2"></span></a><a href="XXXXX://www.XXXXXX.XXX/XXXXX/XXXXXXXXXXXXXXXXX/2017/XX/03/XXXXX-security-risks-XX-XX-XXXXX-XX-in-the-oil-and-g">https://www.forbes.com/sites/forbestechcouncil/XXXX/XX/03/XXXXX-security-XXXXX-to-be-aware-XX-in-XXX-oil-and-g</a></span>as-XXXXXXXXXX.</p> <p><span class="s1">XXXXX, XXXXXXXXXXX. "XXXXX XX XXX: Energy, XXXXXXXXXXXXX, XXX US defense." (XXXX).</span></p> <p><span class="XX"></span> </p> <p><span XXXXX="XX">XXXXX Ray Nichols, '10 XXXXXXXXXXXXX Threats Facing The XXX XXX XXX Industry.' Manufacturing.net, January 30, 2018.<a XXXX="XXXXX://XXX.XXXXXXXXXXXXX.net/XXXXXXX/XXXX/XX/XX-cybersecurity-XXXXXXX-facing-XXX-and-XXX-industry"><span class="s2"></span></a><a XXXX="https://XXX.manufacturing.net/XXXXXXX/XXXX/01/10-cybersecurity-threats-XXXXXX-XXX-and-gas-XXXXXXXX">XXXXX://www.XXXXXXXXXXXXX.net/article/XXXX/01/10-cybersecurity-XXXXXXX-facing-XXX-and-XXX-XXXXXXXX</a></span></p> <p><span XXXXX="s1">XXXX, Yong, Changqing XXXXX, Feng Xie, Zhonghua Dai, Qi XXXXX, XXX Yang Gao. "Industrial control system cybersecurity XXXXXXXX." Journal XX Tsinghua XXXXXXXXXX Science and XXXXXXXXXX XX, XX. 10 (XXXX): XXXX-1408.</span></p> <p><span class="s1"></span> </p> <p><span class="XX">XXX XXX, XXXXXX. "XXX governance XX XXXXXXXXX cybersecurity: a case study XX the XXXXXXXXXXXXX industry in the Port of XXXXXXXXX." Crime, Law XXX Social XXXXXX 68, XX. 1-2 (XXXX): XX-93.</span></p>">
