Analysis of Energy Delivery Sector Malware Attack Response Mechanisms
Madnick, Prof. Stuart
Recent cyberattacks on the electricity grids in the U.S. and Ukraine, the rise of malware tailored to industrial control systems, failure of basic sanitary and life-saving systems after prolonged power outages, economic losses numbering in the billions: these are the consequences of malware attacks on critical infrastructure sectors across the globe. New and continuously evolving cyber threats demand new and better response mechanisms to mitigate their effects. However, critical infrastructure sectors, and the electricity subsector in particular, are faced with the enormous challenge of identifying gaps in their extremely complex cyber incident response mechanisms. This thesis takes a novel, systems-level approach to pinpoint deficiencies in incident response mechanisms of the U.S. electricity sector. An analysis of current and future external influences on the electricity sector validates that malware threats and vulnerabilities are rapidly evolving and are already outpacing the sector's ability to adapt its cyber incident response mechanisms. Using the Architecting Innovative Enterprise Strategies (ARIES) Framework to explore current incident response mechanisms reveals that the traditional, all-hazards approach to major incident response is insufficient to keep the grid secure. Instead, improvements in cyber incident response strategies, processes, organizations, information flow, products, and services are all necessary to overcome the disparity. Most importantly, the systems-level approach exposes that the culture of cybersecurity in the sector is the systemic driver of those shortfalls and must be the primary consideration for improvement to the electricity sector's cyber incident response mechanisms.
NPS CIVINS (Civilian Institutions) Thesis document
Approved for public release; distribution is unlimited