IDEAS home Printed from https://ideas.repec.org/a/eee/ijocip/v35y2021ics1874548221000524.html
   My bibliography  Save this article

Looking back to look forward: Lessons learnt from cyber-attacks on Industrial Control Systems

Author

Listed:
  • Miller, Thomas
  • Staves, Alexander
  • Maesschalck, Sam
  • Sturdee, Miriam
  • Green, Benjamin

Abstract

Since the 1980s, we have observed a range of cyberattacks targeting Industrial Control Systems (ICS), some of which have impacted elements of critical national infrastructure (CNI). While there are access limitations on information surrounding ICS focused cyberattacks, particularly within a CNI context, this paper provides an extensive summary of those publicly reported. By identifying and analysing previous ICS focused cyberattacks, we document their evolution, affording cyber-security practitioners with a greater understanding of attack vectors, threat actors, impact, and targeted sectors and locations, critical to the continued development of holistic risk management strategies.

Suggested Citation

  • Miller, Thomas & Staves, Alexander & Maesschalck, Sam & Sturdee, Miriam & Green, Benjamin, 2021. "Looking back to look forward: Lessons learnt from cyber-attacks on Industrial Control Systems," International Journal of Critical Infrastructure Protection, Elsevier, vol. 35(C).
    • Handle: RePEc:eee:ijocip:v:35:y:2021:i:c:s1874548221000524
    DOI: 10.1016/j.ijcip.2021.100464
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S1874548221000524
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.ijcip.2021.100464?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Dorothy E. Denning, 2012. "Stuxnet: What Has Changed?," Future Internet, MDPI, vol. 4(3), pages 1-16, July.
    2. Zio, Enrico, 2016. "Challenges in the vulnerability and risk analysis of critical infrastructures," Reliability Engineering and System Safety, Elsevier, vol. 152(C), pages 137-150.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Davide Berardi & Franco Callegati & Andrea Giovine & Andrea Melis & Marco Prandini & Lorenzo Rinieri, 2023. "When Operation Technology Meets Information Technology: Challenges and Opportunities," Future Internet, MDPI, vol. 15(3), pages 1-16, February.
    2. Berghout, Tarek & Benbouzid, Mohamed, 2022. "EL-NAHL: Exploring labels autoencoding in augmented hidden layers of feedforward neural networks for cybersecurity in smart grids," Reliability Engineering and System Safety, Elsevier, vol. 226(C).
    3. Etxezarreta, Xabier & Garitano, Iñaki & Iturbe, Mikel & Zurutuza, Urko, 2023. "Software-Defined Networking approaches for intrusion response in Industrial Control Systems: A survey," International Journal of Critical Infrastructure Protection, Elsevier, vol. 42(C).
    4. Rahman, Ayesha & Mustafa, Ghulam & Khan, Abdul Qayyum & Abid, Muhammad & Durad, Muhammad Hanif, 2022. "Launch of denial of service attacks on the modbus/TCP protocol and development of its protection mechanisms," International Journal of Critical Infrastructure Protection, Elsevier, vol. 39(C).

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Tang, Daogui & Fang, Yi-Ping & Zio, Enrico, 2023. "Vulnerability analysis of demand-response with renewable energy integration in smart grids to cyber attacks and online detection methods," Reliability Engineering and System Safety, Elsevier, vol. 235(C).
    2. Federico Antonello & Piero Baraldi & Enrico Zio & Luigi Serio, 2022. "A Novel Metric to Evaluate the Association Rules for Identification of Functional Dependencies in Complex Technical Infrastructures," Environment Systems and Decisions, Springer, vol. 42(3), pages 436-449, September.
    3. Zhaoming Yang & Qi Xiang & Yuxuan He & Shiliang Peng & Michael Havbro Faber & Enrico Zio & Lili Zuo & Huai Su & Jinjun Zhang, 2023. "Resilience of Natural Gas Pipeline System: A Review and Outlook," Energies, MDPI, vol. 16(17), pages 1-19, August.
    4. Luciano Cavalcante Siebert & Alexandre Rasi Aoki & Germano Lambert-Torres & Nelson Lambert-de-Andrade & Nikolaos G. Paterakis, 2020. "An Agent-Based Approach for the Planning of Distribution Grids as a Socio-Technical System," Energies, MDPI, vol. 13(18), pages 1-13, September.
    5. Zio, E., 2018. "The future of risk assessment," Reliability Engineering and System Safety, Elsevier, vol. 177(C), pages 176-190.
    6. Dubaniowski, Mateusz Iwo & Heinimann, Hans Rudolf, 2021. "Framework for modeling interdependencies between households, businesses, and infrastructure system, and their response to disruptions—application," Reliability Engineering and System Safety, Elsevier, vol. 212(C).
    7. Mohamed Gaha & Bilal Chabane & Dragan Komljenovic & Alain Côté & Claude Hébert & Olivier Blancke & Atieh Delavari & Georges Abdul-Nour, 2021. "Global Methodology for Electrical Utilities Maintenance Assessment Based on Risk-Informed Decision Making," Sustainability, MDPI, vol. 13(16), pages 1-23, August.
    8. Senderov, Sergey M. & Smirnova, Elena M. & Vorobev, Sergey V., 2020. "Analysis of vulnerability of fuel supply systems in gas-consuming regions due to failure of critical gas industry facilities," Energy, Elsevier, vol. 212(C).
    9. Kefan Xie & Zimei Liu, 2019. "Factors Influencing Escalator-Related Incidents in China: A Systematic Analysis Using ISM-DEMATEL Method," IJERPH, MDPI, vol. 16(14), pages 1-15, July.
    10. Yi‐Ping Fang & Giovanni Sansavini & Enrico Zio, 2019. "An Optimization‐Based Framework for the Identification of Vulnerabilities in Electric Power Grids Exposed to Natural Hazards," Risk Analysis, John Wiley & Sons, vol. 39(9), pages 1949-1969, September.
    11. Mühlhofer, Evelyn & Koks, Elco E. & Kropf, Chahan M. & Sansavini, Giovanni & Bresch, David N., 2023. "A generalized natural hazard risk modelling framework for infrastructure failure cascades," Reliability Engineering and System Safety, Elsevier, vol. 234(C).
    12. Wang, WuChang & Zhang, Yi & Li, YuXing & Hu, Qihui & Liu, Chengsong & Liu, Cuiwei, 2022. "Vulnerability analysis method based on risk assessment for gas transmission capabilities of natural gas pipeline networks," Reliability Engineering and System Safety, Elsevier, vol. 218(PB).
    13. Lu, Xuefei & Baraldi, Piero & Zio, Enrico, 2020. "A data-driven framework for identifying important components in complex systems," Reliability Engineering and System Safety, Elsevier, vol. 204(C).
    14. Hao, Zhaojun & Di Maio, Francesco & Zio, Enrico, 2023. "A sequential decision problem formulation and deep reinforcement learning solution of the optimization of O&M of cyber-physical energy systems (CPESs) for reliable and safe power production and supply," Reliability Engineering and System Safety, Elsevier, vol. 235(C).
    15. Liu, Xing & Ferrario, Elisa & Zio, Enrico, 2019. "Identifying resilient-important elements in interdependent critical infrastructures by sensitivity analysis," Reliability Engineering and System Safety, Elsevier, vol. 189(C), pages 423-434.
    16. Tianlei Zang & Zian Wang & Xiaoguang Wei & Yi Zhou & Jiale Wu & Buxiang Zhou, 2023. "Current Status and Perspective of Vulnerability Assessment of Cyber-Physical Power Systems Based on Complex Network Theory," Energies, MDPI, vol. 16(18), pages 1-38, September.
    17. F. Brocal & C. González & D. Komljenovic & P. F. Katina & Miguel A. Sebastián, 2019. "Emerging Risk Management in Industry 4.0: An Approach to Improve Organizational and Human Performance in the Complex Systems," Complexity, Hindawi, vol. 2019, pages 1-13, June.
    18. Rocchetta, Roberto, 2022. "Enhancing the resilience of critical infrastructures: Statistical analysis of power grid spectral clustering and post-contingency vulnerability metrics," Renewable and Sustainable Energy Reviews, Elsevier, vol. 159(C).
    19. Liu, Xing & Fang, Yi-Ping & Zio, Enrico, 2021. "A Hierarchical Resilience Enhancement Framework for Interdependent Critical Infrastructures," Reliability Engineering and System Safety, Elsevier, vol. 215(C).
    20. Federico Antonello & Piero Baraldi & Enrico Zio & Luigi Serio, 2022. "A novelty-based multi-objective evolutionary algorithm for identifying functional dependencies in complex technical infrastructures from alarm data," Environment Systems and Decisions, Springer, vol. 42(2), pages 177-188, June.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ijocip:v:35:y:2021:i:c:s1874548221000524. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/international-journal-of-critical-infrastructure-protection .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.