Date of Award
Master of Science in Cyber Operations
Department of Electrical and Computer Engineering
Barry E. Mullins, PhD.
This thesis reviews traditional ransomware attack trends in order to present a taxonomy for ransomware targeting industrial control systems. After reviewing a critical infrastructure ransomware attack methodology, a corresponding response and recovery plan is described. The plan emphasizes security through redundancy, specifically the incorporation of standby programmable logic controllers. This thesis goes on to describe a set of experiments conducted to test the viability of defending against a specialized ransomware attack with a redundant controller network. Results support that specific redundancy schemes are effective in recovering from a successful attack. Further experimentation is conducted to test the feasibility of industrial control system ransomware attacks leveraging weaknesses in computer networking. Results support that intelligent electronic devices have communication link vulnerabilities that expose industrial control networks to traditional network attacks.
DTIC Accession Number
Jeffries, Blaine M., "Securing Critical Infrastructure: A Ransomware Study" (2018). Theses and Dissertations. 1808.