Skip to main content
SpringerLink
Log in

Cyber-Security and the Changing Landscape of Critical National Infrastructure: State and Non-state Cyber-Attacks on Organisations, Systems and Services

  • Chapter
  • First Online:
Applications for Artificial Intelligence and Digital Forensics in National Security

  • 751 Accesses

Abstract

The main aim of this chapter is to identify and explore key issues relating to cyber-attacks on critical national infrastructure. The chapter commences by clarifying the term critical national infrastructure. It then proceeds to highlight the rise in international incidents of cyber-attacks on critical national infrastructure. Vignette case studies, drawn from countries such Australia, USA, Ukraine and the UK are integrated into the analysis for illustrative purposes. The chapter emphasises the need for more attention to be placed on the vulnerabilities of critical national infrastructure in the light of trends such as the convergence of Information Technology and Operational Technology systems and the increasing use of Internet of Things (IoT) devices as a means of bringing systems online. Further, the chapter draws attention to the relatively low entry cost of engaging in cyber-attacks using malware, in contrast to the relatively high cost and logistical complexity of mounting physical attacks on well protected critical national infrastructure sites. One of the main conclusions drawn from the analysis is the extent to which addressing vulnerabilities in critical national infrastructure cyber-systems is likely to involve a wide range of actors, such as State-level emergency planners, manufacturers of IoT devices, and white hat hackers.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. ACSC (2021) ACSC Annual cyber threat report, July 2020 to June 2021. Published 15 September 2021. Retrieved from https://www.cyber.gov.au/sites/default/files/2021-09/ACSC%20Annual%20Cyber%20Threat%20Report%20-%202020-2021.pdf. Accessed on 30 Nov 2022

  2. Alcaraz C (2019) Secure interconnection of IT-OT networks in industry 4.0. In: critical infrastructure security and resilience, Springer, Cham pp 201–217

    Google Scholar 

  3. Al Hait AAS (2014) Jurisdiction in Cybercrimes: a comparative study. J Law Policy Glob 22:75–84

    Google Scholar 

  4. Almeshekah MH, Spafford EH (2016) Cyber security deception. In: cyber deception, Springer, Cham pp 23–50

    Google Scholar 

  5. Anderson R, Fuloria S (2010) Security economics and critical national infrastructure. In: economics of information security and privacy, Springer, Boston, pp 55–66

    Google Scholar 

  6. Assenza G, Faramondi L, Oliva G, Setola R (2020) Cyber threats for operational technologies. Int J Syst Syst Eng 10(2):128–142

    Google Scholar 

  7. Baballe MA, Hussaini A, Bello MI, Musa US (2022) Online attacks, types of data breach and cyber-attack prevention methods. Curr Trends Inf Technol 12(2):21–26

    Google Scholar 

  8. Badhwar R (2021) CISOs need liability protection. In: The CISO’s transformation, Springer, Cham pp 161–165

    Google Scholar 

  9. Baker T, Shortland A (2022) Insurance and enterprise: cyber insurance for ransomware. Geneva Pap Risk Insur-Issues Pract 1–25

    Google Scholar 

  10. Bērziņš J (2020) The theory and practice of new generation warfare: The case of Ukraine and Syria. J Sl Mil Stud 33(3):355–380

    Google Scholar 

  11. Boes S, Leukfeldt ER (2017) Fighting cybercrime: a joint effort. In: Cyber-physical security, Springer, Cham pp 185–203

    Google Scholar 

  12. Braw E, Brown G (2020) Personalised deterrence of cyber aggression. RUSI J 165(2):48–54

    Article  Google Scholar 

  13. Broadhurst R (2006). Developments in the global law enforcement of cyber‐crime. Policing An Int J 29(3):408–433

    Google Scholar 

  14. Bronk C, Conklin WA (2022) Who’s in charge and how does it work? US cybersecurity of critical infrastructure. J Cyber Policy 7(2):155–174

    Article  Google Scholar 

  15. Canfil JK (2022) The illogic of plausible deniability: why proxy conflict in cyberspace may no longer pay. J Cybersecur 1–16. https://doi.org/10.1093/cybsec/tyac007

  16. Case DU (2016) Analysis of the cyber attack on the Ukrainian power grid. Electr Inf Sharing Anal Cent (E-ISAC) 388(1–29):3

    Google Scholar 

  17. CISC (2022) Cyber and infrastructure security centre. Protecting Australia together. Retrieved from: https://www.cisc.gov.au/critical-infrastructure-centre-subsite/Files/protecting-australia-together.pdf. Accessed on 30 Nov 2022

  18. Clinton B (1998) A national security strategy for a new century. White House

    Google Scholar 

  19. Colarik A, Janczewski L (2015) Establishing cyber warfare doctrine. J Strateg Secur. Palgrave Macmillan, London 5(1):37–50

    Google Scholar 

  20. Collins S, McCombie S (2012) Stuxnet: the emergence of a new cyber weapon and its implications. J Polic Intell Counter Terrorism 7(1):80–91

    Article  Google Scholar 

  21. Congress (2001) United States Patriot Act (2001). Retrieved from: https://www.congress.gov/107/plaws/publ56/PLAW-107publ56.pdf. Accessed Jan 2023

  22. Conrad SH, LeClaire RJ, O’Reilly GP, Uzunalioglu H (2006) Critical national infrastructure reliability modeling and analysis. Bell Labs Tech J 11(3):57–71

    Article  Google Scholar 

  23. Center for Strategic and International Studies (CSIS) (2018) Economic Impact of Cyber Crim–No Slowing Down. Retrieved from: http://csis-website-prod.s3.amazonaws.com/s3fs-public/publication/economic-impact-cybercrime.pdf. Accessed 30 Nov 2022

  24. Corfield G (2023) Russia–linked hackers behind Royal Mail cyber-attack. Daily telegraph, 12th January 2023. Retrieved from https://www.telegraph.co.uk/business/2023/01/12/russia-linked-hackers-behind-royal-mail-cyber-attack/. Accessed 12th Jan 2023

  25. Council on Foreign Relations (2022) Cyber operations tracker. Retrieved from https://www.cfr.org/cyber-operations/#Glossary. Accessed 12th Dec 2022

  26. Denning DE (2012) Stuxnet: What has changed? Future Int 4(3):672–687

    Article  Google Scholar 

  27. Department of Homeland Security (2022) Critical infrastructure security and resilience research (CISRR) Fact Sheet. Retrieved from: https://www.dhs.gov/science-and-technology/publication/critical-infrastructure-security-resilience-research-fact-sheet#:~:text=Critical%20Infrastructure%20(CRITICAL%20INFRASTRUCTURE)%20consists%20of,or%20public%20health%20or%20safety. Accessed 30 Nov 2022

  28. Dhatrak A, Sarkar A, Gore A, Paygude M, Waghmare M, Sahane H (2020) Cyber security threats and vulnerabilities in IoT. Int Res J Eng Technol 7(03)

    Google Scholar 

  29. Di Pinto A, Dragoni Y, Carcano A (2018) Triton: The first ICS cyber attack on safety instrument systems. In: Proc Black Hat USA Vol 2018, pp 1–26

    Google Scholar 

  30. Donnelly P, Abuhmida M, Tubb C (2022) The drift of industrial control systems to pseudo security. Int J Crit Infrastruct Prot 100535

    Google Scholar 

  31. Duncan S, Carneiro R, Braley J, Hersh M, Ramsey F, Murch R (2022) Cybersecurity: Beyond ransomware: securing the digital food chain. Food Aust 74(1):36–40

    Google Scholar 

  32. Eckert S (2005) Protecting critical infrastructure: the role of the private sector. Guns Butter Political Econ Int Secur 1

    Google Scholar 

  33. Eling M, Elvedi M, Falco G (2022) The economic impact of extreme cyber risk scenarios. North Am Actuarial J 1–15

    Google Scholar 

  34. Ellis R (2020) Letters, power lines, and other dangerous things: the politics of infrastructure security, MIT Press

    Google Scholar 

  35. Europa (2022) Cyber resilience act. Europa. Retrieved from: https://digital-strategy.ec.europa.eu/en/library/cyber-resilience-act. Accessed on 30th Nov 2022

  36. Europa (2022) EU Directive 2016/ 1148. Retrieved from: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016L1148&from=EN. Accessed on 2nd Jan 2023

  37. Europa (2022) EU Directive 2022/2555. Retrieved from: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32022L2555&from=EN. Accessed on 2nd Jan 2023

  38. European Union (2020) Directive of the European parliament and of the council on measures for a high common level of cybersecurity across the Union, repealing

    Google Scholar 

  39. Farwell JP, Rohozinski R (2011) Stuxnet and the future of cyber war. Survival 53(1):23–40

    Article  Google Scholar 

  40. Fast Identity Online (FIDO) Alliance (2022) The internet of things IoT. Retrieved from https://fidoalliance.org/internet-of-things. Accessed 15th Dec 2022

  41. Fjäder C (2014) The nation-state, national security, and resilience in the age of globalisation. Resilience 2(2):114–129

    Article  Google Scholar 

  42. Friis K, Lysne O (2021) Huawei, 5G and security: technological limitations and political responses. Dev Chang 52(5):1174–1195

    Article  Google Scholar 

  43. Furnell S, Heyburn H, Whitehead A, Shah JN (2020) Understanding the full cost of cyber security breaches. Comput Fraud Secur 2020(12):6

    Article  Google Scholar 

  44. Fuster GG, Jasmontaite L (2020) Cybersecurity regulation in the European Union: the digital, the critical and fundamental rights. In: The ethics of cybersecurity, Springer, Cham pp 97–115

    Google Scholar 

  45. Garimella PK (2018) IT-OT integration challenges in utilities. In: 2018 IEEE 3rd international conference on computing, communication and security (ICCCS) IEEE, pp199–204

    Google Scholar 

  46. Giannelli C, Picone M (2022) Editorial “Industrial IoT as IT and OT Convergence: Challenges and Opportunities.” IoT 3(1):259–261

    Article  Google Scholar 

  47. Glassberg J (2016) Defending against the ransom ware threat. Powergrid Int 21(8):22–24

    Google Scholar 

  48. Hagerott M (2014) Stuxnet and the vital role of critical infrastructure operators and engineers. Int J Crit Infrastruct Prot 7(4):244–246

    Article  Google Scholar 

  49. Harrop W, Matteson A (2014) Cyber resilience: a review of critical national infrastructure and cyber security protection measures applied in the UK and USA. J Bus Contin Emer Plan 7(2):149–162

    Google Scholar 

  50. Hathaway M, Klimburg A (2012) Preliminary considerations: on national cyber security. Nat Cyber Secur Framework Manual. NATO Coop Cyber Defence Centre of Excellence Tallinn

    Google Scholar 

  51. Hayes K (2021) Ransomware: a growing geopolitical threat. Net Secur 2021(8):11–13

    Article  Google Scholar 

  52. Herrmann D (2019) Cyber espionage and cyber defence. In: information technology for peace and security, Springer Vieweg, Wiesbaden pp 83–106

    Google Scholar 

  53. Hernandez-Castro J, Cartwright A, Cartwright E (2020) An economic analysis of ransomware and its welfare consequences. Roy Soc open sci 7(3):190023

    Article  Google Scholar 

  54. Hobbs A (2021) The colonial pipeline hack: exposing vulnerabilities in us cybersecurity. In: SAGE Business Cases. SAGE Publications: SAGE business cases originals

    Google Scholar 

  55. House of Commons (2017) Post sector report for the house of commons committee on exiting the European Union. Retrieved from: https://www.parliament.uk/globalassets/documents/commons-committees/Exiting-the-European-Union/17-19/Sectoral-Analyses/27-Post-Report.pdf Accessed on16th January 2023

  56. Huddleston J, Ji P, Bhunia S, Cogan J (2021) How vmware exploits contributed to solarwinds supply-chain attack. In: 2021 international conference on computational science and computational intelligence (CSCI) pp 760–765 IEEE

    Google Scholar 

  57. Hunter LY, Albert CD, Garrett E, Rutland J (2022) Democracy and cyberconflict: how regime type affects state-sponsored cyberattacks. J Cyber Policy 7(1):72–94

    Article  Google Scholar 

  58. IBM (2022) Cyber-attacks. Retrieved from: https://www.ibm.com/uk-en/topics/cyber-attack. Accessed on 18th Dec 2022

  59. Izycki E, Vianna EW (2021) Critical infrastructure: A battlefield for cyber warfare?. In: ICCWS 2021 16th international conference on cyber warfare and security, Academic Conferences Limited, p 454

    Google Scholar 

  60. Jacob JT (2022) A potential conflict over Taiwan: a view from India. Wash Q 45(3):147–162

    Article  MathSciNet  Google Scholar 

  61. Jones KS, Lodinger NR, Widlus BP, Namin AS, Maw E, Armstrong M (2022) Grouping and determining perceived severity of cyber-Attack consequences: gaining information needed to sonify cyber-attacks. J Multimodal User Interfaces 16(4):399–412

    Article  Google Scholar 

  62. Kalech M (2019) Cyber-attack detection in SCADA systems using temporal pattern recognition techniques. Comput Secur 84:225–238

    Article  Google Scholar 

  63. Kemabonta T (2021) Grid Resilience analysis and planning of electric power systems: The case of the 2021 Texas electricity crises caused by winter storm Uri. Electr J 34(10):107044

    Article  Google Scholar 

  64. Kostyuk N, Kostyuk N, Zhukov YM (2019) Invisible digital front: can cyber attacks shape battlefield events? J Conflict Resolut 63(2):317–347

    Article  Google Scholar 

  65. Lemay A, Fernandeza JM, Knight S (2010) Pinprick attacks, a lesser included case. In: conference on cyber conflict proceedings, Tallinn, Estonia: CCD COE, pp 183–194

    Google Scholar 

  66. Lewis JA (2002) Assessing the risks of cyber terrorism, cyber war and other cyber threats. Center for Strategic and International Studies, Washington, DC, p 12

    Google Scholar 

  67. Limba T, Plėta T, Agafonov K, Damkus M (2019) Cyber security management model for critical infrastructure

    Google Scholar 

  68. Lukasik SJ, Goodman SE, Longhurst DW (2020) Protecting critical infrastructures against cyber-attack. Routledge

    Book  Google Scholar 

  69. Maglaras LA, Kim KH, Janicke H, Ferrag MA, Rallis S, Fragkou P, Cruz TJ (2018) Cyber security of critical infrastructures. Ict Express 4(1):42–45

    Article  Google Scholar 

  70. Maglaras L, Ferrag MA, Derhab A, Mukherjee M, Janicke H, Rallis S (2019) Threats, protection and attribution of cyber attacks on critical infrastructures. arXiv preprint arXiv:1901.03899

  71. Maillart JB (2019) The limits of subjective territorial jurisdiction in the context of cybercrime. In: Era Forum 19(3):375–390, Springer Berlin Heidelberg

    Google Scholar 

  72. Maillart T, Zhao M, Grossklags J, Chuang J (2017) Given enough eyeballs, all bugs are shallow? Revisiting eric raymond with bug bounty programs. J Cybersecur 3(2):81–90

    Google Scholar 

  73. Mamman A, Kamoche K, Rees C (2021) Attitudes to Globalization in the Public, Private and NGO Sectors. In: Baba Abugre J, Osabutey ELC, Sigué SP (eds) Business in Africa in the era of digital technology. Springer, London, pp 157–174

    Google Scholar 

  74. Martinelli F, Mercaldo F, Santone A (2022) A method for intrusion detection in smart grid. Procedia Comput Sci 207:327–334

    Article  Google Scholar 

  75. Mcginthy JM, Michaels AJ (2019) Secure industrial internet of things critical infrastructure node design. IEEE Int Things J 6(5):8021–8037

    Article  Google Scholar 

  76. Microsoft (2022) The hunt for NOBELIUM, the most sophisticated nation-state attack in history. Retrieved from: https://www.microsoft.com/en-us/security/blog/2021/11/10/the-hunt-for-nobelium-the-most-sophisticated-nation-state-attack-in-history/. Accessed on 18 Nov 2022

  77. Microsoft (2022) Microsoft digital defense report 2022. Retrieved from: https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE5bUvv?culture=en-usandcountry=us Accessed on 19 Nov 2022

  78. Miller T, Staves A, Maesschalck S, Sturdee M, Green B (2021) Looking back to look forward: lessons learnt from cyber-attacks on industrial control systems. Int J Crit Infrastruct Prot 35:100464

    Article  Google Scholar 

  79. Murray G, Johnstone MN, Valli C (2017) The convergence of IT and OT in critical infrastructure. In: The Proceedings of 15th Australian information security management conference, Edith Cowan University, Perth, Western Australia. pp 149–155

    Google Scholar 

  80. Miller B, Rowe D (2012) A survey SCADA of and critical infrastructure incidents. In: Proceedings of the 1st annual conference on research in information technology, pp 51–56

    Google Scholar 

  81. Milone M (2003) Hacktivism: securing the national infrastructure. Knowl Technol Policy 16(1):75–103

    Article  Google Scholar 

  82. National Institute of Standards and Technology (NIST). (2008). Guide to General Server Security. Retrieved from: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-123.pdf Accessed on 12th Dec 2022

  83. Nazir S, Patel S, Patel D (2021) Autoencoder based anomaly detection for SCADA networks. Int J Artifi Intell Mach Learn (IJAIML) 11(2):83–99

    Google Scholar 

  84. Neigel AR, Claypoole VL, Waldfogle GE, Acharya S, Hancock GM (2020) Holistic cyber hygiene education: accounting for the human factors. Comput Secur 92:101731

    Article  Google Scholar 

  85. Nguyen T, Wang S, Alhazmi M, Nazemi M, Estebsari A, Dehghanian P (2020) Electric power grid resilience to cyber adversaries: state of the art. IEEE Access 8:87592–87608

    Article  Google Scholar 

  86. OECD (2008) Protection of ‘Critical Infrastructure’ and the role of investment policies relating to national security. Retrieved from http://www.oecd.org/daf/inv/investment-policy/40700392.pdf Accessed on 27 Nov 2022

  87. Office for National Statistics. (2022). Nature of fraud and computer misuse in England and Wales: year ending March 2022. Retrieved from: https://www.ons.gov.uk/peoplepopulationandcommunity/crimeandjustice/articles/natureoffraudandcomputermisuseinenglandandwales/yearendingmarch2022#:~:text=An%20estimated%2061%25%20of%20fraud,England%20and%20Wales%20(CSEW). Accessed 3 Jan 2023

  88. Osawa J (2017) The escalation of state sponsored cyberattack and national cyber security affairs: is strategic cyber deterrence the key to solving the problem? Asia-Pac Rev 24(2):113–131

    Article  Google Scholar 

  89. Osei-Kyei R, Tam V, Ma M, Mashiri F (2021) Critical review of the threats affecting the building of critical infrastructure resilience. Int J Disaster Risk Reduction 60:102316

    Article  Google Scholar 

  90. Paul K (2021) Solar Winds hack was work of ‘at least 1000 engineers’. The guardian. Retrieved from: http://www.theguardian.com/technology/2021/feb/23/solarwinds-hack-senate-hearing-microsoft. Accessed Dec 2022

  91. Peisert, Sean, Bruce Schneier, Hamed Okhravi, Fabio Massacci, Terry Benzel, Carl Landwehr, Mohammad Mannan, Jelena Mirkovic, Atul Prakash, James Bret Michael. Perspectives on the solar winds incident. IEEE Secur Privacy 19(2):7–13

    Google Scholar 

  92. Peters A, Jordan A (2019) Countering the cyber enforcement gap: Strengthening global capacity on cybercrime. J Nat Secur Law Policy 10:487–495

    Google Scholar 

  93. Pérez-Martínez MM, Carrillo C, Rodeiro-Iglesias J, Soto B (2021) Life cycle assessment of repurposed waste electric and electronic equipment in comparison with original equipment. Sustain Prod Consumption 27:1637–1649

    Article  Google Scholar 

  94. Radvanovsky R, McDougall A (2018) Critical infrastructure: homeland security and emergency preparedness. CRC Press

    Google Scholar 

  95. Reeder JR, Hall T (2021) Cybersecurity’s Pearl Harbor moment. Cyber Defense Rev 6(3):15–40

    Google Scholar 

  96. Rees J (2022) The internet of things and terrorism: a cause for concern. In: privacy, security and forensics in the internet of things (IoT). Springer, Cham, pp 197–202

    Google Scholar 

  97. Rees J, Montasari R (2022) The Impact of the Internet and cyberspace on the rise in terrorist attacks across the US and Europe. In: disruption, ideation and innovation for defence and security. Springer, Cham, pp 135–148

    Google Scholar 

  98. Rid T (2012) Cyber war will not take place. J Strateg Stud 35(1):5–32

    Article  Google Scholar 

  99. Ridley G (2011) National security as a corporate social responsibility: critical infrastructure resilience. J Bus Ethics 103(1):111–125

    Article  Google Scholar 

  100. Sembiring Z (2020) Stuxnet threat analysis in SCADA (supervisory control and data acquisition) and PLC (Programmable logic controller) systems. J Comput Sci Inf Technol Telecomm Eng 1(2):96–103

    Google Scholar 

  101. Semwal P, Handa A (2022) Cyber-attack detection in cyber-physical systems using supervised machine learning. In: handbook of big data analytics and forensics, Springer, Cham pp 131–140

    Google Scholar 

  102. Serra KLO, Sanchez-Jauregui M (2021) Food supply chain resilience model for critical infrastructure collapses due to natural disasters. Bri Food J

    Google Scholar 

  103. Shahzad A, Lee M, Xiong NN, Jeong G, Lee YK, Choi JY, Ahmad I (2016) A secure, intelligent, and smart-sensing approach for industrial system automation and transmission over unsecured wireless networks. Sensors 16(3):322

    Article  Google Scholar 

  104. Serpanos D, Wolf M (2018) Industrial internet of things. In: internet-of-things (IoT) Systems, Springer, Cham pp 37–54

    Google Scholar 

  105. Sharif MHU, Mohammed MA (2022) A literature review of financial losses statistics for cyber security and future trend. World J Adv Res Rev 15(1):138–156156

    Article  Google Scholar 

  106. Silverman D, Hu YH, Hoppa M (2020) A study on vulnerabilities and threats to SCADA devices. J Colloquium Inf Syst Secur Edu 7(1):8

    Google Scholar 

  107. Simmons C, Ellis C, Shiva S, Dasgupta D, Wu Q (2009) AVOIDIT: a cyber attack taxonomy. University of Memphis. Technical report CS-09-003

    Google Scholar 

  108. Smith DC (2021) Cybersecurity in the energy sector: are we really prepared? J Energy Nat Res Law 39(3):265–270

    Google Scholar 

  109. Smith S (2022) Out of gas: a deep dive into the colonial pipeline cyberattack. In: SAGE Business Cases SAGE Publications, Ltd. Retrieved from https://doi.org/10.4135/9781529605679. Accessed on 16 Jan 2023

  110. Straub J (2021) Defining, evaluating, preparing for and responding to a cyber Pearl Harbor. Technol Soc 65:101599

    Article  Google Scholar 

  111. Sullivan JE, Kamensky D (2017) How cyber-attacks in Ukraine show the vulnerability of the US power grid. Electr J 30(3):30–35

    Article  Google Scholar 

  112. Thomas J (2018) Individual cyber security: Empowering employees to resist spear phishing to prevent identity theft and ransomware attacks. Thomas JE (2018). Individual cyber security: Empowering employees to resist spear phishing to prevent identity theft and ransomware attacks. Int J Bus Manag 12(3):1–23

    Google Scholar 

  113. Thomas K, Li F, Zand A, Barrett J, Ranieri J, Invernizzi L, Bursztein E (2017) Data breaches, phishing, or malware? Understanding the risks of stolen credentials. In: proceedings of the 2017 ACM SIGSAC conference on computer and communications security, pp 1421–1434

    Google Scholar 

  114. Tsvetanov T, Slaria S (2021) The effect of the colonial pipeline shutdown on gasoline prices. Econ Lett 209:110122

    Article  Google Scholar 

  115. United Kingdom Government. Terrorism Act 2000. Retrieved from: https://www.legislation.gov.uk/ukpga/2000/11/part/III/crossheading/offences. Accessed on 16th Jan 2023

  116. Van de Weijer SG, Leukfeldt R, Bernasco W (2019) Determinants of reporting cybercrime: a comparison between identity theft, consumer fraud, and hacking. Eur J Criminol 16(4):486–508

    Article  Google Scholar 

  117. Van der Meer S (2020) How states could respond to non-state cyber-attackers. Clingendael Policy Brief. Retrieved from: https://www.clingendael.org/sites/default/files/2020-06/Policy_Brief_Cyber_non-state_June_2020.pdf. Accessed on 16th Jan 2023

  118. Warfield D (2012) Critical infrastructures: IT security and threats from private sector ownership. Inf Secur J Glob Perspect 21:127–136

    Article  Google Scholar 

  119. Weiss M, Biermann F (2021) Cyberspace and the protection of critical national infrastructure. J Econ Policy Reform 1–18

    Google Scholar 

  120. Weiss J (2016) Aurora generator test. Handbook of SCADA/Control Systems Security 107

    Google Scholar 

  121. Watson FC, CISM C, ECSA A (2017). Petya/NotPetya: why it is nastier than wannacry and why we should care.ISACA 6:1-6

    Google Scholar 

  122. White House Archives (2013) Presidential policy directive PPD21. Presidential policy directive: Critical infrastructure security and resilience. Retrieved from: https://obamawhitehouse.archives.gov/the-press-office/2013/02/12/presidential-policy-directive-critical-infrastructure-security-and-resil. Accessed on 30th Nov 2022

  123. White House Archives (2020) Executive order on securing the United States bulk-power system EO 13920. Retrieved from: https://trumpwhitehouse.archives.gov/presidential-actions/executive-order-securing-united-states-bulk-power-system/. Accessed on 16th Jan 2023

  124. White House Archives (2021) Executive Order on improving the nation’s cybersecurity EO 14028. Retrieved from: https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/. Accessed on 16th Jan 2023

  125. Wolff ED, Growley KM, Gruden MG (2021) Navigating the solarwinds supply chain attack. Procurement Lawyer 56(2):3–11

    Google Scholar 

  126. Yadav G, Paul K (2019) Assessment of SCADA system vulnerabilities. In: 2019 24th IEEE international conference on emerging technologies and factory automation (ETFA), pp 1737–1744 IEEE

    Google Scholar 

  127. Yılmaz EN, Gönen S (2018) Attack detection/prevention system against cyber attack in industrial control systems. Comput Secur 77:94–105

    Article  Google Scholar 

  128. Young S (2022) Moving the U.S. government toward zero trust cybersecurity principles Retrieved from: https://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdf. Accessed on 30 Dec 2022

  129. Yuste J, Pastrana S (2021) Avaddon ransomware: an in-depth analysis and decryption of infected systems. Comput Secur 109:102388

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Swansea, UK

    Joseph Rees

  2. Global Development Institute, University of Manchester, Manchester, UK

    Christopher J. Rees

Authors
  1. Joseph Rees
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Christopher J. Rees
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Joseph Rees .

Editor information

Editors and Affiliations

  1. Swansea, UK

    Reza Montasari

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Rees, J., Rees, C.J. (2023). Cyber-Security and the Changing Landscape of Critical National Infrastructure: State and Non-state Cyber-Attacks on Organisations, Systems and Services. In: Montasari, R. (eds) Applications for Artificial Intelligence and Digital Forensics in National Security. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-031-40118-3_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-40118-3_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-40117-6

  • Online ISBN: 978-3-031-40118-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation