Abstract
For several years, security experts and government officials have been warning about a “Cyber Pearl Harbor” – a cyber attack on the nation’s power grid. Current cyber security research focuses on the tactical aspects of infrastructure attacks and views attackers as passive agents, downplaying their strategies. The research only minimally incorporates the human element, which limits the understanding of cyber attacks on the critical infrastructure.
This paper explores attacker decision-making with regard to power grid cyber attacks from a criminological perspective. It presents the findings from a survey that explored the technical and non-technical factors influencing attacker decision-making. A total of 330 participants from the ethical hacker community and the power industry were surveyed. Nine factors influencing attacker decision-making emerged and were organized to create the PARE RISKS framework: prevention measures (P); attacks and alliances (A); result (R); ease of access (E); response (R); interconnectedness and interdependencies (I); security testing and audits (S); knowledge and research (K); and system weaknesses (S). This paper makes the case that infrastructure attackers are intelligent, active actors who plan strategic attacks and adapt to their environments. The paper also offers recommendations for cyber security policy, focusing on improved security practices, education programs and mandatory security budgets.
Copyright information
© 2013 IFIP International Federation for Information Processing
About this paper
Cite this paper
Rege, A. (2013). Factors Impacting Attacker Decision-Making in Power Grid Cyber Attacks. In: Butts, J., Shenoi, S. (eds) Critical Infrastructure Protection VII. ICCIP 2013. IFIP Advances in Information and Communication Technology, vol 417. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-45330-4_9
DOI: https://doi.org/10.1007/978-3-642-45330-4_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-45329-8
Online ISBN: 978-3-642-45330-4
eBook Packages: Computer Science, Computer Science (R0)