Date of Award


Document Type


Degree Name

Master of Science in Cyber Operations


Department of Electrical and Computer Engineering

First Advisor

Barry E. Mullins, PhD.


This thesis reviews traditional ransomware attack trends in order to present a taxonomy for ransomware targeting industrial control systems. After reviewing a critical infrastructure ransomware attack methodology, a corresponding response and recovery plan is described. The plan emphasizes security through redundancy, specifically the incorporation of standby programmable logic controllers. This thesis goes on to describe a set of experiments conducted to test the viability of defending against a specialized ransomware attack with a redundant controller network. Results support that specific redundancy schemes are effective in recovering from a successful attack. Further experimentation is conducted to test the feasibility of industrial control system ransomware attacks leveraging weaknesses in computer networking. Results support that intelligent electronic devices have communication link vulnerabilities that expose industrial control networks to traditional network attacks.

AFIT Designator


DTIC Accession Number