Securing Critical Infrastructure: A Ransomware Study

Abstract

This thesis reviews traditional ransomware attack trends in order to present a taxonomy for ransomware targeting industrial control systems. After reviewing a critical infrastructure ransomware attack methodology, a corresponding response and recovery plan is described. The plan emphasizes security through redundancy, specifically the incorporation of standby programmable logic controllers. This thesis goes on to describe a set of experiments conducted to test the viability of defending against a specialized ransomware attack with a redundant controller network. Results support that specific redundancy schemes are effective in recovering from a successful attack. Further experimentation is conducted to test the feasibility of industrial control system ransomware attacks leveraging weaknesses in computer networking. Results support that intelligent electronic devices have communication link vulnerabilities that expose industrial control networks to traditional network attacks.

Document Details

Document Type: Technical Report
Publication Date: Mar 22, 2018
Accession Number: AD1056153

Entities

People

  • Blaine M. Jeffries

Organizations

  • Air Force Institute of Technology

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Air Force
  • Application Protocols
  • Command And Control
  • Communication Channels
  • Computer Network Security
  • Computer Programming
  • Computer Programs
  • Computers
  • Cyberattacks
  • Cybersecurity
  • Cyberspace Operations
  • Denial Of Service Attack
  • Electronic Mail
  • Human-Machine Interfaces
  • Network Protocols
  • Operating Systems
  • Transport Protocols

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Systems Analysis and Design

Technology Areas

  • Cyber
  • Microelectronics
  • Microelectronics - Microelectromechanical Systems