Rights statement: This is the author’s version of a work that was accepted for publication in International Journal of Critical Infrastructure Protection. Changes resulting from the publishing process, such as peer review, editing, corrections, structural formatting, and other quality control mechanisms may not be reflected in this document. Changes may have been made to this work since it was submitted for publication. A definitive version was subsequently published in International Journal of Critical Infrastructure Protection, 35, 2021 DOI: 10.1016/j.ijcip.2021.100464
Accepted author manuscript, 309 KB, PDF document
Available under license: CC BY-NC-ND: Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License
Final published version
Research output: Contribution to Journal/Magazine › Journal article › peer-review
Research output: Contribution to Journal/Magazine › Journal article › peer-review
}
TY - JOUR
T1 - Looking back to look forward
T2 - Lessons learnt from cyber-attacks on Industrial Control Systems
AU - Miller, Thomas
AU - Staves, Alex
AU - Maesschalck, Sam
AU - Sturdee, Miriam
AU - Green, Benjamin
N1 - This is the author’s version of a work that was accepted for publication in International Journal of Critical Infrastructure Protection. Changes resulting from the publishing process, such as peer review, editing, corrections, structural formatting, and other quality control mechanisms may not be reflected in this document. Changes may have been made to this work since it was submitted for publication. A definitive version was subsequently published in International Journal of Critical Infrastructure Protection, 35, 2021 DOI: 10.1016/j.ijcip.2021.100464
PY - 2021/12/31
Y1 - 2021/12/31
N2 - Since the 1980s, we have observed a range of cyberattacks targeting Industrial Control Systems (ICS), some of which have impacted elements of critical national infrastructure (CNI). While there are access limitations on information surrounding ICS focused cyberattacks, particularly within a CNI context, this paper provides an extensive summary of those publicly reported. By identifying and analysing previous ICS focused cyberattacks, we document their evolution, affording cyber-security practitioners with a greater understanding of attack vectors, threat actors, impact, and targeted sectors and locations, critical to the continued development of holistic risk management strategies.
AB - Since the 1980s, we have observed a range of cyberattacks targeting Industrial Control Systems (ICS), some of which have impacted elements of critical national infrastructure (CNI). While there are access limitations on information surrounding ICS focused cyberattacks, particularly within a CNI context, this paper provides an extensive summary of those publicly reported. By identifying and analysing previous ICS focused cyberattacks, we document their evolution, affording cyber-security practitioners with a greater understanding of attack vectors, threat actors, impact, and targeted sectors and locations, critical to the continued development of holistic risk management strategies.
KW - Industrial Control Systems
KW - ICS
KW - Cyber-Physical Systems
KW - Cyber Attacks
KW - Threat
U2 - 10.1016/j.ijcip.2021.100464
DO - 10.1016/j.ijcip.2021.100464
M3 - Journal article
VL - 35
JO - International Journal of Critical Infrastructure Protection
JF - International Journal of Critical Infrastructure Protection
SN - 1874-5482
M1 - 100464
ER -