Analysis of Energy Delivery Sector Malware Attack Response Mechanisms
Abstract
Recent cyberattacks on the electricity grids in the U.S. and Ukraine, the rise of malware tailored to industrial control systems, failure of basic sanitary and life-saving systems after prolonged power outages, economic losses numbering in the billions: these are the consequences of malware attacks on critical infrastructure sectors across the globe. New and continuously evolving cyber threats demand new and better response mechanisms to mitigate their effects. However, critical infrastructure sectors, and the electricity subsector in particular, are faced with the enormous challenge of identifying gaps in their extremely complex cyber incident response mechanisms. This thesis takes a novel, systems-level approach to pinpoint deficiencies in incident response mechanisms of the U.S. electricity sector. An analysis of current and future external influences on the electricity sector validates that malware threats and vulnerabilities are rapidly evolving and are already outpacing the sectors ability to adapt its cyber incident response mechanisms. Using the Architecting Innovative Enterprise Strategies (ARIES) Framework to explore current incident response mechanisms reveals that the traditional, all-hazards approach to major incident response is insufficient to keep the grid secure. Instead, improvements in cyber incident response strategies, processes, organizations, information flow, products, and services are all necessary to overcome the disparity. Most importantly, the systems-level approach exposes the culture of cybersecurity in the sector is the systemic driver of those shortfalls and must be the primary consideration for improvement to the electricity sectors cyber incident response mechanisms.
Document Details
- Document Type
- Technical Report
- Publication Date
- Sep 18, 2019
- Accession Number
- AD1080519
Entities
People
- Michael L. Sapienza
Organizations
- Massachusetts Institute of Technology