Factors Impacting Attacker Decision-Making in Power Grid Cyber Attacks - Critical Infrastructure Protection VII Access content directly
Conference Papers Year : 2013

Factors Impacting Attacker Decision-Making in Power Grid Cyber Attacks

Abstract

For several years, security experts and government officials have been warning about a “Cyber Pearl Harbor” – a cyber attack on the nation’s power grid. Current cyber security research focuses on the tactical aspects of infrastructure attacks and views attackers as passive agents, downplaying their strategies. The research only minimally incorporates the human element, which limits the understanding of cyber attacks on the critical infrastructure.This paper explores attacker decision-making with regard to power grid cyber attacks from a criminological perspective. It presents the findings from a survey that explored the technical and non-technical factors influencing attacker decision-making. A total of 330 participants from the ethical hacker community and the power industry were surveyed. Nine factors influencing attacker decision-making emerged and were organized to create the PARE RISKS framework: prevention measures (P); attacks and alliances (A); result (R); ease of access (E); response (R); interconnectedness and interdependencies (I); security testing and audits (S); knowledge and research (K); and system weaknesses (S). This paper makes the case that infrastructure attackers are intelligent, active actors who plan strategic attacks and adapt to their environments. The paper also offers recommendations for cyber security policy, focusing on improved security practices, education programs and mandatory security budgets.
Fichier principal
Vignette du fichier
978-3-642-45330-4_9_Chapter.pdf (927.54 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-01456897 , version 1 (06-02-2017)

Licence

Attribution

Identifiers

Cite

Aunshul Rege. Factors Impacting Attacker Decision-Making in Power Grid Cyber Attacks. 7th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2013, Washington, DC, United States. pp.125-138, ⟨10.1007/978-3-642-45330-4_9⟩. ⟨hal-01456897⟩
56 View
171 Download

Altmetric

Share

Gmail Facebook X LinkedIn More