IDEAS home Printed from https://ideas.repec.org/a/eee/ijocip/v35y2021ics1874548221000524.html
   My bibliography  Save this article

Looking back to look forward: Lessons learnt from cyber-attacks on Industrial Control Systems

Author

Listed:
  • Miller, Thomas
  • Staves, Alexander
  • Maesschalck, Sam
  • Sturdee, Miriam
  • Green, Benjamin

Abstract

Since the 1980s, we have observed a range of cyberattacks targeting Industrial Control Systems (ICS), some of which have impacted elements of critical national infrastructure (CNI). While there are access limitations on information surrounding ICS focused cyberattacks, particularly within a CNI context, this paper provides an extensive summary of those publicly reported. By identifying and analysing previous ICS focused cyberattacks, we document their evolution, affording cyber-security practitioners with a greater understanding of attack vectors, threat actors, impact, and targeted sectors and locations, critical to the continued development of holistic risk management strategies.

Suggested Citation

  • Miller, Thomas & Staves, Alexander & Maesschalck, Sam & Sturdee, Miriam & Green, Benjamin, 2021. "Looking back to look forward: Lessons learnt from cyber-attacks on Industrial Control Systems," International Journal of Critical Infrastructure Protection, Elsevier, vol. 35(C).
    • Handle: RePEc:eee:ijocip:v:35:y:2021:i:c:s1874548221000524
    DOI: 10.1016/j.ijcip.2021.100464
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S1874548221000524
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.ijcip.2021.100464?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Zio, Enrico, 2016. "Challenges in the vulnerability and risk analysis of critical infrastructures," Reliability Engineering and System Safety, Elsevier, vol. 152(C), pages 137-150.
    2. Dorothy E. Denning, 2012. "Stuxnet: What Has Changed?," Future Internet, MDPI, vol. 4(3), pages 1-16, July.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Etxezarreta, Xabier & Garitano, Iñaki & Iturbe, Mikel & Zurutuza, Urko, 2023. "Software-Defined Networking approaches for intrusion response in Industrial Control Systems: A survey," International Journal of Critical Infrastructure Protection, Elsevier, vol. 42(C).
    2. Rahman, Ayesha & Mustafa, Ghulam & Khan, Abdul Qayyum & Abid, Muhammad & Durad, Muhammad Hanif, 2022. "Launch of denial of service attacks on the modbus/TCP protocol and development of its protection mechanisms," International Journal of Critical Infrastructure Protection, Elsevier, vol. 39(C).
    3. Davide Berardi & Franco Callegati & Andrea Giovine & Andrea Melis & Marco Prandini & Lorenzo Rinieri, 2023. "When Operation Technology Meets Information Technology: Challenges and Opportunities," Future Internet, MDPI, vol. 15(3), pages 1-16, February.
    4. Berghout, Tarek & Benbouzid, Mohamed, 2022. "EL-NAHL: Exploring labels autoencoding in augmented hidden layers of feedforward neural networks for cybersecurity in smart grids," Reliability Engineering and System Safety, Elsevier, vol. 226(C).

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Jianguo Ding & Attia Qammar & Zhimin Zhang & Ahmad Karim & Huansheng Ning, 2022. "Cyber Threats to Smart Grids: Review, Taxonomy, Potential Solutions, and Future Directions," Energies, MDPI, vol. 15(18), pages 1-37, September.
    2. Tang, Daogui & Fang, Yi-Ping & Zio, Enrico, 2023. "Vulnerability analysis of demand-response with renewable energy integration in smart grids to cyber attacks and online detection methods," Reliability Engineering and System Safety, Elsevier, vol. 235(C).
    3. Federico Antonello & Piero Baraldi & Enrico Zio & Luigi Serio, 2022. "A Novel Metric to Evaluate the Association Rules for Identification of Functional Dependencies in Complex Technical Infrastructures," Environment Systems and Decisions, Springer, vol. 42(3), pages 436-449, September.
    4. Phan, Hieu Chi & Dhar, Ashutosh Sutra & Bui, Nang Duc, 2023. "Reliability assessment of pipelines crossing strike-slip faults considering modeling uncertainties using ANN models," Reliability Engineering and System Safety, Elsevier, vol. 237(C).
    5. Zhaoming Yang & Qi Xiang & Yuxuan He & Shiliang Peng & Michael Havbro Faber & Enrico Zio & Lili Zuo & Huai Su & Jinjun Zhang, 2023. "Resilience of Natural Gas Pipeline System: A Review and Outlook," Energies, MDPI, vol. 16(17), pages 1-19, August.
    6. Wang, Wei & Cammi, Antonio & Di Maio, Francesco & Lorenzi, Stefano & Zio, Enrico, 2018. "A Monte Carlo-based exploration framework for identifying components vulnerable to cyber threats in nuclear power plants," Reliability Engineering and System Safety, Elsevier, vol. 175(C), pages 24-37.
    7. Luciano Cavalcante Siebert & Alexandre Rasi Aoki & Germano Lambert-Torres & Nelson Lambert-de-Andrade & Nikolaos G. Paterakis, 2020. "An Agent-Based Approach for the Planning of Distribution Grids as a Socio-Technical System," Energies, MDPI, vol. 13(18), pages 1-13, September.
    8. Zio, E., 2018. "The future of risk assessment," Reliability Engineering and System Safety, Elsevier, vol. 177(C), pages 176-190.
    9. Dubaniowski, Mateusz Iwo & Heinimann, Hans Rudolf, 2021. "Framework for modeling interdependencies between households, businesses, and infrastructure system, and their response to disruptions—application," Reliability Engineering and System Safety, Elsevier, vol. 212(C).
    10. Mohamed Gaha & Bilal Chabane & Dragan Komljenovic & Alain Côté & Claude Hébert & Olivier Blancke & Atieh Delavari & Georges Abdul-Nour, 2021. "Global Methodology for Electrical Utilities Maintenance Assessment Based on Risk-Informed Decision Making," Sustainability, MDPI, vol. 13(16), pages 1-23, August.
    11. Senderov, Sergey M. & Smirnova, Elena M. & Vorobev, Sergey V., 2020. "Analysis of vulnerability of fuel supply systems in gas-consuming regions due to failure of critical gas industry facilities," Energy, Elsevier, vol. 212(C).
    12. Fang, Yi-Ping & Sansavini, Giovanni, 2019. "Optimum post-disruption restoration under uncertainty for enhancing critical infrastructure resilience," Reliability Engineering and System Safety, Elsevier, vol. 185(C), pages 1-11.
    13. Kefan Xie & Zimei Liu, 2019. "Factors Influencing Escalator-Related Incidents in China: A Systematic Analysis Using ISM-DEMATEL Method," IJERPH, MDPI, vol. 16(14), pages 1-15, July.
    14. Yi‐Ping Fang & Giovanni Sansavini & Enrico Zio, 2019. "An Optimization‐Based Framework for the Identification of Vulnerabilities in Electric Power Grids Exposed to Natural Hazards," Risk Analysis, John Wiley & Sons, vol. 39(9), pages 1949-1969, September.
    15. Mishra, Vishrut Kumar & Palleti, Venkata Reddy & Mathur, Aditya, 2019. "A modeling framework for critical infrastructure and its application in detecting cyber-attacks on a water distribution system," International Journal of Critical Infrastructure Protection, Elsevier, vol. 26(C).
    16. Ivo Häring & Mirjam Fehling-Kaschek & Natalie Miller & Katja Faist & Sebastian Ganter & Kushal Srivastava & Aishvarya Kumar Jain & Georg Fischer & Kai Fischer & Jörg Finger & Alexander Stolz & Tobias , 2021. "A performance-based tabular approach for joint systematic improvement of risk control and resilience applied to telecommunication grid, gas network, and ultrasound localization system," Environment Systems and Decisions, Springer, vol. 41(2), pages 286-329, June.
    17. Mühlhofer, Evelyn & Koks, Elco E. & Kropf, Chahan M. & Sansavini, Giovanni & Bresch, David N., 2023. "A generalized natural hazard risk modelling framework for infrastructure failure cascades," Reliability Engineering and System Safety, Elsevier, vol. 234(C).
    18. Sperstad, Iver Bakken & Kjølle, Gerd H. & Gjerde, Oddbjørn, 2020. "A comprehensive framework for vulnerability analysis of extraordinary events in power systems," Reliability Engineering and System Safety, Elsevier, vol. 196(C).
    19. Wang, WuChang & Zhang, Yi & Li, YuXing & Hu, Qihui & Liu, Chengsong & Liu, Cuiwei, 2022. "Vulnerability analysis method based on risk assessment for gas transmission capabilities of natural gas pipeline networks," Reliability Engineering and System Safety, Elsevier, vol. 218(PB).
    20. Judy P. Che-Castaldo & Rémi Cousin & Stefani Daryanto & Grace Deng & Mei-Ling E. Feng & Rajesh K. Gupta & Dezhi Hong & Ryan M. McGranaghan & Olukunle O. Owolabi & Tianyi Qu & Wei Ren & Toryn L. J. Sch, 2021. "Critical Risk Indicators (CRIs) for the electric power grid: a survey and discussion of interconnected effects," Environment Systems and Decisions, Springer, vol. 41(4), pages 594-615, December.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ijocip:v:35:y:2021:i:c:s1874548221000524. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/international-journal-of-critical-infrastructure-protection .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.