Factors Impacting Attacker Decision-Making in Power Grid Cyber Attacks

AbstractThe US power grid has been identified by security experts as a prime target for terrorist-based and state-sponsored cyber attacks. In addition to downing the grid, cyber attacks can also destroy and manipulate data systems, obtain sensitive intellectual property and steal trade secrets. Existing research has addressed the technical factors, such as vulnerabilities and poor intrusion detection systems, which lead to cyber attacks. However, it remains silent on the human factors in the cyber attack equation. This study uses a criminological framework, specifically Routine Activities Theory and Rational Choice Perspective to capture intelligent adversaries who plan and execute attacks based on their analysis of target suitability and guardianship efficacy. It uses a two-step methodology to identify adversary-, target-, and guardianship-specific factors that collectively impact decision-making processes. First, a document analysis of existing literature reveals nine factors (PARE RISKS) that influence adversarial decision-making:

An Assistant Decision-Making Method for Power Grid Contingency Management Based on Case-Based Reasoning

2021 3rd Asia Energy and Electrical Engineering Symposium (AEEES) ◽

10.1109/aeees51875.2021.9402963 ◽

2021 ◽

Author(s):

Haixiang Gao ◽

Lu Miao ◽

Sijie Liu ◽

Jianing Liu ◽

Xiangning Lin ◽

...

Keyword(s):

Decision Making ◽

Power Grid ◽

Contingency Management ◽

Case Based Reasoning ◽

Case Based

Combined game model and investment decision making of power grid-distributed energy system

Environment Development and Sustainability ◽

10.1007/s10668-021-01804-3 ◽

2021 ◽

Author(s):

Yongxiu He ◽

Wei Xiong ◽

Binyou Yang ◽

Hai-yan Yang ◽

Jiu-fang Zhou ◽

...

Keyword(s):

Decision Making ◽

Investment Decision ◽

Power Grid ◽

Energy System ◽

Game Model ◽

Distributed Energy ◽

Investment Decision Making ◽

Distributed Energy System

Fuzzy-Based Symmetrical Multi-Criteria Decision-Making Procedure for Evaluating the Impact of Harmful Factors of Healthcare Information Security

Symmetry ◽

10.3390/sym12040664 ◽

2020 ◽

Vol 12 (4) ◽

pp. 664 ◽

Cited By ~ 4

Author(s):

Rajeev Kumar ◽

Abhishek Kumar Pandey ◽

Abdullah Baz ◽

Hosam Alhakami ◽

Wajdi Alhakami ◽

...

Keyword(s):

Decision Making ◽

Information Security ◽

Information Management ◽

Cyber Security ◽

Cyber Attacks ◽

Multi Criteria Decision Making ◽

Local Hospital ◽

Healthcare Information ◽

Security Breaches ◽

The Impact

Growing concern about healthcare information security in the wake of alarmingly rising cyber-attacks is being given symmetrical priority by current researchers and cyber security experts. Intruders are penetrating symmetrical mechanisms of healthcare information security continuously. In the same league, the paper presents an overview on the current situation of healthcare information and presents a layered model of healthcare information management in organizations. The paper also evaluates the various factors that have a key contribution in healthcare information security breaches through a hybrid fuzzy-based symmetrical methodology of AHP-TOPSIS. Furthermore, for assessing the effect of the calculated results, the authors have tested the results on local hospital software of Varanasi. Tested results of the factors are validated through the comparison and sensitivity analysis in this study. Tabulated results of the proposed study propose a symmetrical mechanism as the most conversant technique which can be employed by the experts and researchers for preparing security guidelines and strategies.

Research on Power Grid Investment Assistant Decision Model Adapting to Power Reform Situation

E3S Web of Conferences ◽

10.1051/e3sconf/202021802026 ◽

2020 ◽

Vol 218 ◽

pp. 02026

Author(s):

Yidi Wan ◽

Wei Xie ◽

Haihong Du ◽

Wenming Pan ◽

Jianqing Li ◽

...

Keyword(s):

Decision Making ◽

Investment Decision ◽

Power Grid ◽

Scale Structure ◽

Leading Role ◽

Investment Decision Making ◽

Investment Structure ◽

External Management ◽

Power Grid Planning ◽

The Impact

in order to thoroughly implement the new energy security strategy of “four revolutions and one cooperation”, meet the requirements of power grid planning and management of energy administration, realize the strategic objectives of State Grid Corporation of China, actively respond to the severe external economic situation, alleviate the impact of policy-based price reduction, and improve the performance of internal investment management, the company needs scientific front-end decision-making, improve the efficiency of investment decision-making, scientifically determine the investment scale, structure and timing, and play a strategic leading role in investment decision-making. Through the analysis of internal and external management requirements, this paper constructs an auxiliary decision-making model of power grid investment to support the determination of investment scale, structure and time sequence, to realize the reasonable investment scale calculation of provincial companies, the calculation of investment structure of different voltage levels and the optimization of project delivery under the condition of given investment scale, which comprehensively considers the external supervision, economic development and internal management objectives, so as to assist the prior investment decision-making, improve the input-output efficiency, effectively improve the Advisory decision-making ability of investment data, and meet the company’s investment decision-making needs.

Multiple Attribute Decision-making with Interval Numbers Projection and Its Application in the Power grid Planning

Proceedings of the 2015 AASRI International Conference on Circuits and Systems ◽

10.2991/cas-15.2015.35 ◽

2015 ◽

Cited By ~ 2

Author(s):

Ren Feng

Keyword(s):

Decision Making ◽

Power Grid ◽

Multiple Attribute Decision Making ◽

Interval Numbers ◽

Multiple Attribute ◽

Power Grid Planning ◽

Grid Planning

The Cyber Acumen

Analyzing Human Behavior in Cyberspace - Advances in Human and Social Aspects of Technology ◽

10.4018/978-1-5225-7128-5.ch011 ◽

2019 ◽

pp. 192-208

Author(s):

Xiang Michelle Liu

Keyword(s):

Decision Making ◽

Cyber Attacks ◽

Decision Making Process ◽

Theoretical Frameworks ◽

Major Purpose ◽

Systematic Analysis ◽

Policies And Procedures ◽

Decision Making Processes ◽

Potential Factors ◽

Effective Decision Making

The major purpose of this chapter is to understand average user's decision-making process in cybersecurity by reviewing and integrating several major theoretical frameworks discussed and applied in decision making processes in cybersecurity. The average users are the ones who do not realize or understand when or how to perform security-critical decisions, the ones who are unmotivated to comply with company and school cybersecurity policies and procedures due to inconvenience, and the ones who do not have sufficient knowledge in cybersecurity to make sound security decisions. It is important to discuss and understand the role of such users and their behaviors based on systematic analysis so that we can identify potential factors causing “poor” security decisions and find ways to reduce the likelihood of being victims of cyber-attacks. The ultimate goal is to provide insights and make recommendations on how to foster individual's cyber acumen and cultivate a more effective decision-making process.

SCADA Systems Cyber Security for Critical Infrastructures

Cyber Warfare and Terrorism ◽

10.4018/978-1-7998-2466-4.ch028 ◽

2020 ◽

pp. 446-464

Author(s):

Suhaila Ismail ◽

Elena Sitnikova ◽

Jill Slay

Keyword(s):

Decision Making ◽

Data Acquisition ◽

Case Studies ◽

Cyber Security ◽

Cyber Attacks ◽

Critical Infrastructures ◽

Physical Injury ◽

The Public ◽

Psychological Theories ◽

Scada Systems

Past cyber-attacks on Supervisory Control and Data Acquisition (SCADA) Systems for Critical infrastructures have left these systems compromised and caused financial and economic problems. Deliberate attacks have resulted in denial of services and physical injury to the public in certain cases. This study explores the past attacks on SCADA Systems by examining nine case studies across multiple utility sectors including transport, energy and water and sewage sector. These case studies will be further analysed according to the cyber-terrorist decision-making theories including strategic, organisational and psychological theories based on McCormick (2000). Next, this study will look into cyber-terrorist capabilities in conducting attacks according to Nelson's (1999) approach that includes simple-unstructured, advance-structured and complex-coordinated capabilities. The results of this study will form the basis of a guideline that organisations can use so that they are better prepared in identifying potential future cybersecurity attacks on their SCADA systems.

Evaluating Comprehensive Development Quality of a Regional Power Grid by Using an Integrated Multi-criteria Decision-Making Methodology

IOP Conference Series Materials Science and Engineering ◽

10.1088/1757-899x/612/4/042004 ◽

2019 ◽

Vol 612 ◽

pp. 042004

Author(s):

Xiaodong Zhang ◽

Kaiming Qin ◽

Ruihua Si ◽

Xianjun Ge

Keyword(s):

Decision Making ◽

Power Grid ◽

Multi Criteria Decision Making ◽

Regional Power ◽

Comprehensive Development

A Review of Cyber-Ranges and Test-Beds: Current and Future Trends

Sensors ◽

10.3390/s20247148 ◽

2020 ◽

Vol 20 (24) ◽

pp. 7148

Author(s):

Elochukwu Ukwandu ◽

Mohamed Amine Ben Farah ◽

Hanan Hindy ◽

David Brosset ◽

Dimitris Kavallieros ◽

...

Keyword(s):

Decision Making ◽

Situational Awareness ◽

Cyber Attacks ◽

Future Trends ◽

Accurate Assessment ◽

Comprehensive Understanding ◽

The Future ◽

Test Beds

Cyber situational awareness has been proven to be of value in forming a comprehensive understanding of threats and vulnerabilities within organisations, as the degree of exposure is governed by the prevailing levels of cyber-hygiene and established processes. A more accurate assessment of the security provision informs on the most vulnerable environments that necessitate more diligent management. The rapid proliferation in the automation of cyber-attacks is reducing the gap between information and operational technologies and the need to review the current levels of robustness against new sophisticated cyber-attacks, trends, technologies and mitigation countermeasures has become pressing. A deeper characterisation is also the basis with which to predict future vulnerabilities in turn guiding the most appropriate deployment technologies. Thus, refreshing established practices and the scope of the training to support the decision making of users and operators. The foundation of the training provision is the use of Cyber-Ranges (CRs) and Test-Beds (TBs), platforms/tools that help inculcate a deeper understanding of the evolution of an attack and the methodology to deploy the most impactful countermeasures to arrest breaches. In this paper, an evaluation of documented CRs and TBs platforms is evaluated. CRs and TBs are segmented by type, technology, threat scenarios, applications and the scope of attainable training. To enrich the analysis of documented CRs and TBs research and cap the study, a taxonomy is developed to provide a broader comprehension of the future of CRs and TBs. The taxonomy elaborates on the CRs/TBs dimensions, as well as, highlighting a diminishing differentiation between application areas.