Advertisement

The Threat of Digital Hacker Sabotage to Critical Infrastructures

  • Sara Ligaard Norgaard Hald
  • Jens Myrup Pedersen
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 233)

Summary

In this paper, we analyze the threat of digital sabotage, specifically Denial of Service (DoS) attacks, to critical infrastructures such as power plants, Intelligent Transportation Systems, airports, and similar. We compare the profile of critical infrastructure installations to known attacker profiles to establish which attackers are most likely to be a threat, thereby creating a more precise threat picture to help prioritize digital defence efforts in critical infrastructure. The main contribution of the paper is the identification of which hacker categories are most probably to attack critical infrastructures. Together with the profiles of the hacker categories this can be used for identifying appropriate countermeasures against potential attacks.

Keywords

Intrusion Detection System Intelligent Transportation System Critical Infrastructure Successful Attack Threat Assessment 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
  2. 2.
    Antonatos, S., Akriditis, P., et al.: Defending against Hitlist Worms using Network Address Space Randomization. In: WORM 2005. ACM, USA (2005), 1-59593-229-1/05/0011Google Scholar
  3. 3.
    Capelli, D., Moore, A., et al.: Common Sense Guide to Prevention and Detection of Insider Threats, 3rd edn., Version 3.1. Software Engineering Institute, Carnegie Mellon University (2009)Google Scholar
  4. 4.
    Department of Homeland Security, National Cybersecurity and Communications Integration Center Bulletin: Assessment of Anonymous Threat to Control Systems, Department of Homeland Security, USA (2011)Google Scholar
  5. 5.
    Devost, M.G.: Current and Emerging Threats to Information Technology Systems and Critical Infra-structures. Global Business Briefing (2000)Google Scholar
  6. 6.
    Eronen, J., Karjalainen, K., et al.: Software Vulnerability vs. Critical Infrastructure - a Case Study of Antivirus Software. International Journal on Advances in Security 2(1) (2009) ISSN 1942-2636Google Scholar
  7. 7.
    Hald, S.L.N., Pedersen, J.M.: An Updated Taxonomy for Characterizing Hackers According to Their Threat Properties. In: 14th International Conference on Advanced Communication Technology (ICACT) 2012. IEEE (2012) ISBN 978-8955191639Google Scholar
  8. 8.
    Hunt, J.: Stuxnet, Security, and Taking Charge, Industrial Ethernet Book Issue 62/53, IEB Media GbR, Germany (2011) ISSN 1470-5745Google Scholar
  9. 9.
    Keeney, M., Cappelli, D., et al.: Insider Threat Study: Computer System Sabotage in Critical Infrastructure Sectors. United States Secret Service and Carnegie Mellon Software Engineering Institute, USA (2005)Google Scholar
  10. 10.
    Lewis, J.A.: Cybersecurity and Critical Infrastructure Protection. Center for Strategic and International Studies, USA (2006)Google Scholar
  11. 11.
    Moteff, J.: Risk Management and Critical Infra-structure Protection: Assessing, Integrating, and Managing Threats, Vulnerabilities and Consequences. Congressional Research Service, USA (2005)Google Scholar
  12. 12.
    Rogers, M.: A two-dimensional circumplex approach to the development of a hacker taxonomy. Digital Investigation 3, 97–102 (2006)CrossRefGoogle Scholar
  13. 13.
    Rollins, J., Wilson, C.: Terrorist Capabilities for Cyberattack: Overview and Policy Issues. Congressional Research Service, USA (2007)Google Scholar
  14. 14.
    Shea, D.A.: Critical Infrastructure: Control Systems and the Terrorist Threat. Congressional Research Service, USA (2004)Google Scholar
  15. 15.
    Shou-Chuan, L., Wen-Chu, K., et al.: Defending against Internet Worm-like Infestations. In: Proceedings of the 18th International Conference on Advanced Information Networking and Application (AINA 2004). IEEE (2004) ISSN 0-7695-2051-0/04Google Scholar
  16. 16.
    The Honeynet Project. Know Your Enemy: Learning about Security Threats, 2nd edn. The Honeynet Project, USA (2004) ISBN 978-0321166463Google Scholar
  17. 17.
    The White House. The National Strategy to Secure Cyberspace, p. 5. The White House, USA (2003)Google Scholar
  18. 18.
    Vatis, M.A.: Cyber Attacks During the War on Terrorism: A Predictive Analysis. Institute for Security, Dartmouth College (2001)Google Scholar
  19. 19.
    Wiley, B.: Curious Yellow: The First Coordinated Worm Design (2002), http://blanu.net/curious_yellow.html

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Sara Ligaard Norgaard Hald
    • 1
  • Jens Myrup Pedersen
    • 1
  1. 1.Department of Electronic SystemsAalborg UniversityAalborgDenmark

Personalised recommendations