Factors Impacting Attacker Decision-Making in Power Grid Cyber Attacks

Abstract : For several years, security experts and government officials have been warning about a “Cyber Pearl Harbor” – a cyber attack on the nation’s power grid. Current cyber security research focuses on the tactical aspects of infrastructure attacks and views attackers as passive agents, downplaying their strategies. The research only minimally incorporates the human element, which limits the understanding of cyber attacks on the critical infrastructure.This paper explores attacker decision-making with regard to power grid cyber attacks from a criminological perspective. It presents the findings from a survey that explored the technical and non-technical factors influencing attacker decision-making. A total of 330 participants from the ethical hacker community and the power industry were surveyed. Nine factors influencing attacker decision-making emerged and were organized to create the PARE RISKS framework: prevention measures (P); attacks and alliances (A); result (R); ease of access (E); response (R); interconnectedness and interdependencies (I); security testing and audits (S); knowledge and research (K); and system weaknesses (S). This paper makes the case that infrastructure attackers are intelligent, active actors who plan strategic attacks and adapt to their environments. The paper also offers recommendations for cyber security policy, focusing on improved security practices, education programs and mandatory security budgets.
Type de document :
Communication dans un congrès
Jonathan Butts; Sujeet Shenoi. 7th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2013, Washington, DC, United States. Springer, IFIP Advances in Information and Communication Technology, AICT-417, pp.125-138, 2013, Critical Infrastructure Protection VII. 〈10.1007/978-3-642-45330-4_9〉
Liste complète des métadonnées

Littérature citée [18 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01456897
Contributeur : Hal Ifip <>
Soumis le : lundi 6 février 2017 - 09:45:56
Dernière modification le : lundi 6 février 2017 - 09:49:06
Document(s) archivé(s) le : dimanche 7 mai 2017 - 12:42:35

Fichier

978-3-642-45330-4_9_Chapter.pd...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Aunshul Rege. Factors Impacting Attacker Decision-Making in Power Grid Cyber Attacks. Jonathan Butts; Sujeet Shenoi. 7th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2013, Washington, DC, United States. Springer, IFIP Advances in Information and Communication Technology, AICT-417, pp.125-138, 2013, Critical Infrastructure Protection VII. 〈10.1007/978-3-642-45330-4_9〉. 〈hal-01456897〉

Partager

Métriques

Consultations de la notice

48

Téléchargements de fichiers

60