R. Drahuntsov, V. Zubok
Èlektron. model. 2023, 45(3):116-128
https://doi.org/10.15407/emodel.45.03.116
ABSTRACT
During the Russian-Ukrainian war, mass power outages occurred in Ukraine, caused by Russian attacks on civilian infrastructure, namely on the generating and distribution capacities of the power system. The risks associated with such outages cover not only the issue of uninterrupted operation of the economy directly, but also more complex aspects related to cyber security. The impact of such outages on the cyber security of information and communication systems is considered, namely, the second-order effects, such as interruptions with information observability, violation of the integrity of the protection infrastructure, overloading of monitoring teams and response to false alarms. All these factors alter the threat landscape for the system and must be considered in security policy and during the threat modeling process accordingly. An analysis of hidden cyber security risks arising in connection with massive power outages was conducted. Possible approaches to taking such risk factors into account when modeling threats, as well as methods of countermeasures, are given.
KEYWORDS
blackout, power outage, cybersecurity, information observability, false positive, CSIRT, russo-ukrainian war.
REFERENCES
- CYBERATTACKS, ARTILLERY, PROPAGANDA. Common analysis of Russian aggression metrics. (2022). Center for Cybersecurity and Cybercrime Combatting under the State Service of Special Communication and Information Protection of Ukraine. https:// gov.ua/services/cm/api/attachment/download?id=50692
- What happens during a blackout / T. Petermann et al. Norderstedt : BoD – Books on Demand, 2011.
- Jacobs, N., Hossain-McKenzie, S., Summers, A., Jones, C. B., Wright, B., & Chavez, A. (2020) Cyber-Physical Observability for the Electric Grid. У 2020 IEEE Texas Power and Energy Conference (TPEC). IEEE.
https://doi.org/10.1109/TPEC48276.2020.9042494 - Khan, R., McLaughlin, K., Laverty, D., & Sezer, S. (2017) STRIDE-based threat modeling for cyber-physical systems. У 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe). IEEE.
https://doi.org/10.1109/ISGTEurope.2017.8260283 - Zografopoulos, I., Ospina, J., Liu, X., & Konstantinou, C. (2021) Cyber-Physical Energy Systems Security: Threat Modeling, Risk Assessment, Resources, Metrics, and Case Studies. IEEE Access, 9, 29775–29818.
https://doi.org/10.1109/ACCESS.2021.3058403 - Halvdan Flå, L. (2021) Threat Modeling Framework for Smart Grids [Master thesis, Norwegian University of Science and Technology]. https://ntnuopen.ntnu.no/ntnu-xmlui/bitstream/handle/11250/2781029/no.ntnu:inspera:66462738:38097967.pdf?sequence=1
- Muckin, M., & C. Fitch, S. (2019) A Threat-Driven Approach to Cyber Security. Lockheed Martin Corporation. https://www.lockheedmartin.com/content/dam/lockheed-martin/rms/documents/cyber/LM-White-Paper-Threat-Driven-Approach.pdf
- Using a Reserve Power Architecture to Increase Data Center Infrastructure Utilization and Efficiency. (2014a). Emerson Network Power Global Headquarters.
- Business Continuity Management for SMEs using the Cloud. (2013b). Federal Office for Information Security.
- Conducting a STRIDE-based threat analysis. (2023) United Kingdom Department for Science, Innovation & Technology.