Factors impacting attacker decision-making in power grid cyber attacks

IFIP Advances in Information and Communication Technology

Volumn 417, Issue , 2013, Pages 125-138

  Rege, Aunshul ^a  

^a TEMPLE UNIVERSITY   (United States)

Author keywords

Attacker decision making; Cyber attacks; Industrial control systems

Indexed keywords

BUDGET CONTROL; CRITICAL INFRASTRUCTURES; DECISION MAKING; ELECTRIC POWER TRANSMISSION NETWORKS; NETWORK SECURITY; PERSONAL COMPUTING; PUBLIC WORKS; RISK ASSESSMENT; SECURITY SYSTEMS; SURVEYS;

CYBER-ATTACKS; EDUCATION PROGRAMS; GOVERNMENT OFFICIALS; HACKER COMMUNITIES; INDUSTRIAL CONTROL SYSTEMS; NON-TECHNICAL FACTORS; PREVENTION MEASURES; SECURITY PRACTICE;

COMPUTER CRIME;

EID: 84921060738     PISSN: 18684238     EISSN: None     Source Type: Book Series    
DOI: 10.1007/978-3-642-45330-4_9     Document Type: Conference Paper

References (30)

1. S. Baker, S. Waterman and G. Ivanov, In the Crossfire: Critical Infrastructure in the Age of Cyber War, McAfee, Santa Clara, California, 2009.
2. A. Beatty, U.S. cybersecurity chief warns of “market” in malware, Agence France-Presse, June 17, 2009.
3. E. Bumiller and T. Shanker, Panetta warns of dire threat of cyberattack on U.S., New York Times, October 11, 2010.
4. R. Clarke, Situational crime prevention, in Environmental Criminology and Crime Analysis, R. Wortley and L. Mazerolle (Eds.), Willan Publishing, Portland, Oregon, pp. 178–194, 2008.
5. L. Cohen and M. Felson, Social change and crime rate trends: A routine activity approach, American Sociological Review, vol. 44(4), pp. 588–609, 1979.
6. D. Cornish and R. Clarke (Eds.), The Reasoning Criminal: Rational Choice Perspectives on Offending, Springer-Verlag, New York, 1986.
7. A. Costello and J. Osborne, Best practices in exploratory factory analysis: Four recommendations for getting the most from your analysis, Practical Assessment, Research and Evaluation, vol. 10(7), pp. 173–178, 2005.
8. N. Denzin (Ed.), Sociological Methods: A Sourcebook, McGraw-Hill, New York, 1978.
9. N. Falliere, L. O’Murchu and E. Chien, W32.Stuxnet Dossier, Symantec, Mountain View, California, 2011.
10. A. Field, Discovering Statistics Using SPSS, Sage Publications, London, United Kingdom, 2013.
11. N. Grant and L. Fabrigar, Exploratory factor analysis, in Encyclopedia of Measurement and Statistics, N. Salkind (Ed.), Sage Publications, Thousand Oaks, California, pp. 332–335, 2007.
12. Idaho National Laboratory, NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses, INL/EXT-10-18381, Idaho Falls, Idaho, 2010.
13. T. Jick, Mixing qualitative and quantitative methods: Triangulation in action, Administrative Science Quarterly, vol. 24(4), pp. 602–611, 1979.
14. N. King and C. Horrocks, Interviews in Qualitative Research, Sage Publications, Thousand Oaks, California, 2010.
15. McAfee, Advanced Persistent Threat, Santa Clara, California (blogs. mcafee.com/tag/advanced-persistent-threat).
16. National Security Telecommunications Advisory Committee, Electric Power Risk Assessment, Washington, DC (www.solarstorms.org/Elec tricAssessment.html), 2000.
17. P. Oman, E. Schweitzer and J. Robert, Safeguarding IEDS, substations and SCADA systems against electronic intrusions, Proceedings of the Western Power Delivery Automation Conference, 2001.
18. E. Pedhazur and L. Schmelkin, Measurement, Design and Analysis: An Integrated Approach, Taylor and Francis, New York, 1991.
19. QSR International, NVivo 9 Features and Benefits, Melbourne, Australia (www.qsrinternational.com/products_nvivo_features-and-be nefits.aspx).
20. QSR International, What is Qualitative Research? Melbourne, Australia www.qsrinternational.com/what-is-qualitative-research.aspx.
21. R. Rantala, Cybercrimes Against Businesses, 2005, Special Report NCJ 221943, Bureau of Justice Statistics, U.S. Department of Justice, Washington, DC, 2008.
22. A. Rege, Cybercrimes against critical infrastructures: A study of online criminal organizations and techniques, Criminal Justice Studies, vol. 22(3), pp. 261–271, 2009.
23. A. Rege, Offender decision-making in industrial control systems cyber-crime, presented at the Cyber Infrastructure Protection Conference, 2012.
24. S. Sloane, The U.S. needs a cybersecurity czar now, Bloomberg Businessweek, August 13, 2009.
25. Staff of Congressmen Edward J. Markey (D-MA) and Henry A. Waxman (D-CA), Electric Grid Vulnerability: Industry Responses Reveal Security Gaps, U.S. House of Representatives, Washington, DC, 2013.
26. K. Stouffer, J. Falco and K. Scarfone, Guide to Industrial Control Systems (ICS) Security, NIST Special Publication 800-82, National Institute of Standards and Technology, Gaithersburg, Maryland, 2012.
27. L. Tinnel, O. Saydjari and D. Farrell, Cyberwar strategy and tactics: An analysis of cyber goals, strategies, tactics and techniques, Proceedings of the IEEE SMC Workshop on Information Assurance, pp. 228–234, 2002.
28. U.S. Department of Homeland Security, Common Cybersecurity Vulnerabilities in Industrial Control Systems, Washington, DC, 2011.
29. U.S. Government Accountability Office, Protection of Chemical and Water Infrastructure: Federal Requirements, Actions of Selected Facilities and Remaining Challenges, Report No. GAO-05-327, Washington, DC, 2005.
30. B. Wingfield, Power-grid cyber attack seen leaving millions in dark for months, Bloomberg, January 31, 2012.