ESC
Insights into Regional Development Open Access
Enter to ENTREPRENEURSHIP AND
SUSTAINABILITY CENTER page

Enter to ENTREPRENEURSHIP AND
SUSTAINABILITY ISSUES page

Navigation

Membership:

iThenticate

Recommended tools:

Get Mendeley Web Importer: Mendeley

Register for an ORCID iD (for authors and reviewers): ORCID

Join a global community of researchers using Kudos: Kudos

Get Adobe Acrobat Reader

Share: Facebook LinkedIn Twitter Add this article to your Mendeley library
HTML PDF
DOI 10.9770/IRD.2020.2.3(7)
HAL hal-03271856
Reference to this article should be made as follows:
Plėta, T.; Tvaronavičienė, M.; Casa, S. D.; Agafonov, K. 2020. Cyber-attacks to critical energy infrastructure and management issues: overview of selected cases, Insights into Regional Development 2(3): 703-715. https://doi.org/10.9770/IRD.2020.2.3(7)
Received: 2020-03-15  |  Accepted: 2020-07-15  |  Published: 2020-09-30

Title

Cyber-attacks to critical energy infrastructure and management issues: overview of selected cases

Abstract

The purpose of the paper is to analyze the vulnerabilities of Critical Energy Infrastructures' systems in the event of cyber-attack. The global tendency of cyber-attacks puts Critical Energy Infrastructures on one of the first places for targets. Critical Infrastructure Protection (CIP) has become an increasingly relevant topic in the global industrial environment, as the consequences of cyber-attacks toward ICS can result in physical disruption and loss of human lives. The analysis presented in the paper will take into consideration three different case scenarios of cyber-attacks to Critical Energy Infrastructures, and will evaluate the outcomes and the tactics used by the organizations' response and recovery.

Keywords

critical infrastructure, management, cyber-attack, energy security, cybersecurity

JEL classifications

M15 , Q48

URI

http://jssidoi.org/ird/article/47

DOI

DOI 10.9770/IRD.2020.2.3(7)

HAL

HAL hal-03271856

Pages

703-715

Funding

This research was partly supported by the project, which has received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement No 830892

This is an open access issue and all published articles are licensed under a
Creative Commons Attribution 4.0 International License

Authors

Plėta, Tomas
Vilnius Gediminas Technical University, Vilnius, Lithuania https://vilniustech.lt
Articles by this author in: CrossRef |  Google Scholar
Tvaronavičienė, Manuela
Vilnius Gediminas Technical University, Vilnius, Lithuania https://vilniustech.lt
General Jonas Žemaitis Military Academy of Lithuania, Vilnius, Lithuania http://www.lka.lt
Articles by this author in: CrossRef |  Google Scholar
Casa, Silvia Della
Daugavpils University, Daugavpils, Latvia https://du.lv
NATO Energy Security Centre of Excellence, Vilnius, Lithuania https://enseccoe.org
Articles by this author in: CrossRef |  Google Scholar
Agafonov, Konstantin
Mykolas Romeris University, Vilnius, Lithuania https://www.mruni.eu
Articles by this author in: CrossRef |  Google Scholar

Journal title

Insights into Regional Development

Volume

2

Number

3

Issue date

September 2020

Issue DOI

DOI 10.9770/ird.2020.2.3

ISSN

ISSN 2345-0282 (online)

Publisher

VšĮ Entrepreneurship and Sustainability Center, Vilnius, Lithuania

Cited

Google Scholar

Article views & downloads

HTML views: 3331  |  PDF downloads: 1301

References

Accenture Security. (2018). Gaining ground on the cyber attacker: 2018 State of Cyber Resilience. USA: Accenture Security. Retrieved from https://www.accenture.com/us-en/insights/security/2018-state-of-cyber-resilience-index

Search via ReFindit

Accenture Security. (2019). The Cost of Cybercrime. Traverse City, Michigan: Ponemon Institute. Retrieved from https://www.accenture.com/_acnmedia/pdf-96/accenture-2019-cost-of-cybercrime-study-final.pdf

Search via ReFindit

Ahola, M. (2019, October 18). The Role of Human Error in Successful Cyber Security Breaches. Retrieved from usecure: https://blog.getusecure.com/post/the-role-of-human-error-in-successful-cyber-security-breaches

Search via ReFindit

Alshathry. (2017, February). Cyber Attack on Saudi Aramco. International Journal of Management of Information Technology, 11(5), p. 3037. doi: https://doi.org/10.24297/ijmit.v11i5.5613

Search via ReFindit

Amin, M. (2002). Security challenges for the electricity infrastructure. Computer, 35(SUPPL.), 8-10. doi: https://doi.org/10.1109/MC.2002.989920

Search via ReFindit

Amin, S. M. (2010, Spring). Securing the Electricity Grid. The Bridge: Linking Engineering and Society, 40(1), 13-19. Retrieved from http://massoud-amin.umn.edu/publications/Securing-the-Electricity-Grid.pdf

Search via ReFindit

Ayral T., O. J. (2016, July). Minimize industrial cyber security risk in plants in 12 steps. Retrieved from Hydrocarbon Processing: https://www.hydrocarbonprocessing.com/magazine/2016/july-2016/process-control-and-instrumentation/minimize-industrial-cyber-security-risk-in-plants-in-12-steps

Search via ReFindit

Beazner M., R. P. (2017). CSS Cyber Defence Hotspot Analysis: Stuxnet. Zurich: Center for Security Studies (CSS), ETH Zurich. Retrieved from https://css.ethz.ch/content/dam/ethz/special-interest/gess/cis/center-for-securities-studies/pdfs/Cyber-Reports-2017-04.pdf

Search via ReFindit

Bhayani M., P. M. (2016). Internet of Things (IoT): In a Way of Smart World. In B. Y. Satapathy S., Proceedings of the International Congress on Information and Communication Technology. Advances in Intelligent Systems and Computing (Vol. 438). Singapore: Springer.

Search via ReFindit

Blume, S. W. (2007). Electric Power System Basics. (I. o. Engineers, A cura di) Wyley and Sons, INC.

Search via ReFindit

Bronk C., T.-R. E. (2013). Hack or Attack? Shamoon and the evolution of Cyber Conflict. SSRN. doi: http://dx.doi.org/10.2139/ssrn.2270860

Search via ReFindit

CESG. (2016). Common Cyber Attacks: Reducing The Impact. London: CESG. Retrieved from https://www.ncsc.gov.uk/static-assets/documents/common_cyber_attacks_ncsc.pdf

Search via ReFindit

Chesla, A. (2012, October 25). Cyber War Rooms: Why IT Needs New Expertise To Combat Today's Cyberattacks. Retrieved from Security Week: https://www.securityweek.com/cyber-war-rooms-why-it-needs-new-expertise-combat-todays-cyberattacks

Search via ReFindit

Darville C., D. B. (2015). Cyber Security Incident Management Guide. (C. f. Belgium, A cura di) Belgium: Cyber Security Coalition. Retrieved from https://b-ok.cc/book/3704644/d3244d

Search via ReFindit

Das R., Z. G. (2019). Analysis of Cyber-Attacks in IoT-based Critical infrastructures. International Journal of information Security, 8(4), 122-133. Retrieved from http://www.ijiss.org/ijiss/index.php/ijiss/article/view/490/pdf_80

Search via ReFindit

De Falco, M. (2012). Stuxnet Facts Report: A Technical and Strategic Analysis. Tallinn: NATO Cooperative Cyber Defence Centre of Excellence. Retrieved from https://ccdcoe.org/uploads/2018/10/Falco2012_StuxnetFactsReport.pdf

Search via ReFindit

Dragos. (2017). CRASHOVERRIDE: Analysis of the Threat to Electric Grid Operations. Hanover: Gragos.Inc. Retrieved from https://www.key4biz.it/wp-content/uploads/2017/06/CrashOverride-01.pdf

Search via ReFindit

E-ISAC. (2016). Analysis of the Cyber Attack on the Ukrainian Power Grid: Defense Use Case. Washington: SANS ICS. Retrieved from http://www.nerc.com/pa/CI/ESISAC/Documents/E-ISAC_SANS_Ukraine_DUC_18Mar2016.pdf

Search via ReFindit

Egozcue E., R. D. (2012). Annex II. Security aspects of the smart grid. In D. H. E. Egozcue, Smart Grid Security: Recommendations for Europe and Member States. European Network and Information Security Agency (ENISA). Retrieved from https://www.enisa.europa.eu/topics/critical-information-infrastructures-and-services/smart-grids/smart-grids-and-smart-metering/ENISA_Annex%20II%20-%20Security%20Aspects%20of%20Smart%20Grid.pdf

Search via ReFindit

Falliere N., M. L. (2011). W32.Stuxnet Dossier. Cupertino, CA: Symantec Security Response. Retrieved from https://css.csail.mit.edu/6.858/2014/readings/stuxnet.pdf

Search via ReFindit

FireEye. (2016). Cyber Attacks on the Ukrainian Grid: What you should know. Milpitas, CA: FireEye. Retrieved from https://www.fireeye.com/content/dam/fireeye-www/global/en/solutions/pdfs/fe-cyber-attacks-ukrainian-grid.pdf

Search via ReFindit

ICS Engineering Inc. (2017). Types of Redundancy. Retrieved from ICS Engineering Inc.: http://www.icsenggroup.com/types-of-redundancy.shtml

Search via ReFindit

Inductive Automation. (2020, February 28). IIoT: Combining the Best of OT and IT. Industrial Ethernet Book , 9514. USA: IEB Media GdR. Retrieved from https://iebmedia.com/index.php?id=11673&parentid=63&themeid=255&hft=95&showdetail=true&bb=1

Search via ReFindit

Israel, M. (2019, April). No More Dangling from Rooftops: Integrating Cybersecurity. Advancing Automation Cybersecurity into the Connected Plant Transformation, XV, p. 5-9.

Search via ReFindit

Kerr P., R. J. (2010). The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability. Washington: Congressional Research Service. Retrieved from https://fas.org/sgp/crs/natsec/R41524.pdf

Search via ReFindit

Kshetri N., V. J. (2017). Hacking Power Grids: A Current Problem. IEEE Security & Privacy, 91-95. doi:10.1109/MC.2017.4451203

Search via ReFindit

Limba, T., Plėta, T., Agafonov, K., & Damkus, M. (2017). Cyber security management model for critical infrastructure. Entrepreneurship and Sustainability Issues, 4(4), 559-573. http://dx.doi.org/10.9770/jesi.2017.4.4(12)

Search via ReFindit

Mackenzie, H. (2012, October 25). Shamoon Malware and SCADA Security – What are the Impacts? Retrieved from Tofino Security: https://www.tofinosecurity.com/blog/shamoon-malware-and-scada-security-–-what-are-impacts

Search via ReFindit

Mahmud R., V. R. (2015). A survey on smart grid metering infrastructures: Threats and solutions. 2015 IEEE International Conference on Electro/Information Technology (EIT) (p. 386–391). IEEE.

Search via ReFindit

McLaughlin S., P. D. (2010). Energy Theft in the Advanced Metering Infrastructure. International Conference on Critical Information Infrastructures Security (p. 176-187). Berlin: Springer-Verlag Berlin Heidelberg. doi:10.1007/978-3-642-14379-3_15

Search via ReFindit

NATO. (2020, March 17). Cyber Defence. Retrieved from NATO: https://www.nato.int/cps/en/natohq/topics_78170.htm

Search via ReFindit

OpUtils. (2020, February 21). Rogue Device Detection Software. Retrieved from ManageEngine: https://www.manageengine.com/products/oputils/rogue-detection-tool.html?lhs

Search via ReFindit

Oracle. (2012). Mitigating Cyber-Security Risk of Smart-Grid AMI. Oracle. Retrieved from www.oracle.com/us/technologies/bpm/mitigate-cyber-security-risk-1533517.pdf

Search via ReFindit

Park D., S. J. (2017, October 11). Cyberattack on Critical Infrastructure: Russia and the Ukrainian Power Grid Attacks. Retrieved from The Henry M. Jackson School of International Studies: https://jsis.washington.edu/news/cyberattack-critical-infrastructure-russia-ukrainian-power-grid-attacks/#/

Search via ReFindit

Ryder R., M. A. (2019). Cyber Crisis Management. New Delhi: Bloomsbury India.

Search via ReFindit

Wuuest, C. (2014, January 13). Targeted Attacks Against the Energy Sector. Security Response. Retrieved from https://bluekarmasecurity.net/wp-content/uploads/2014/09/Symantec_Targeted-Attacks-Against-the-Energy-Sector_whitepaper.pdf

Search via ReFindit

Z. Drias, A. S. (2015). Analysis of Cyber Security for Industrial Control Systems. 2015 International Conference on Cyber Security of Smart Cities, Industrial Control System and Communications (SSIC 2015) (p. 83-91). Shanghai, China: IEEE.

Search via ReFindit

SUBMIT YOUR ARTICLE

RSS FEEDS


Archived in:

CLOCKSS


Flag Counter

qr code