Securing Critical Infrastructure: A Ransomware Study

Author

Blaine M. Jeffries

Date of Award

3-22-2018

Document Type

Thesis

Degree Name

Master of Science in Cyber Operations

Department

Department of Electrical and Computer Engineering

First Advisor

Barry E. Mullins, PhD.

Abstract

This thesis reviews traditional ransomware attack trends in order to present a taxonomy for ransomware targeting industrial control systems. After reviewing a critical infrastructure ransomware attack methodology, a corresponding response and recovery plan is described. The plan emphasizes security through redundancy, specifically the incorporation of standby programmable logic controllers. This thesis goes on to describe a set of experiments conducted to test the viability of defending against a specialized ransomware attack with a redundant controller network. Results support that specific redundancy schemes are effective in recovering from a successful attack. Further experimentation is conducted to test the feasibility of industrial control system ransomware attacks leveraging weaknesses in computer networking. Results support that intelligent electronic devices have communication link vulnerabilities that expose industrial control networks to traditional network attacks.

AFIT Designator

AFIT-ENG-MS-18-M-034

DTIC Accession Number

AD1056153

Recommended Citation

Jeffries, Blaine M., "Securing Critical Infrastructure: A Ransomware Study" (2018). Theses and Dissertations. 1808.
https://scholar.afit.edu/etd/1808