Ransomware on cyber-physical systems: Taxonomies, case studies, security gaps, and open challenges

Internet of Things and Cyber-Physical Systems Pub Date : 2024-01-01 DOI:10.1016/j.iotcps.2023.12.001

Mourad Benmalek

{"title":"Ransomware on cyber-physical systems: Taxonomies, case studies, security gaps, and open challenges","authors":"Mourad Benmalek","doi":"10.1016/j.iotcps.2023.12.001","DOIUrl":null,"url":null,"abstract":"<div><p>Ransomware attacks have emerged as one of the most significant cyberthreats faced by organizations worldwide. In recent years, ransomware has also started to target critical infrastructure and Cyber-Physical Systems (CPS) such as industrial control systems, smart grids, and healthcare networks. The unique attack surface and safety-critical nature of CPS introduce new challenges in defending against ransomware. This paper provides a comprehensive overview of ransomware threats to CPS. We propose a dual taxonomy to classify ransomware attacks on CPS based on infection vectors, targets, objectives, and technical attributes. Through an analysis of 10 real-world incidents, we highlight attack patterns, vulnerabilities, and impacts of ransomware campaigns against critical systems and facilities. Based on the insights gained, we identify open research problems and future directions to improve ransomware resilience in CPS environments.</p></div>","PeriodicalId":100724,"journal":{"name":"Internet of Things and Cyber-Physical Systems","volume":"4 ","pages":"Pages 186-202"},"PeriodicalIF":0.0000,"publicationDate":"2024-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2667345223000561/pdfft?md5=4e1f20e6c28b32ae59f1f757ef9b4c6b&pid=1-s2.0-S2667345223000561-main.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Internet of Things and Cyber-Physical Systems","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2667345223000561","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Ransomware attacks have emerged as one of the most significant cyberthreats faced by organizations worldwide. In recent years, ransomware has also started to target critical infrastructure and Cyber-Physical Systems (CPS) such as industrial control systems, smart grids, and healthcare networks. The unique attack surface and safety-critical nature of CPS introduce new challenges in defending against ransomware. This paper provides a comprehensive overview of ransomware threats to CPS. We propose a dual taxonomy to classify ransomware attacks on CPS based on infection vectors, targets, objectives, and technical attributes. Through an analysis of 10 real-world incidents, we highlight attack patterns, vulnerabilities, and impacts of ransomware campaigns against critical systems and facilities. Based on the insights gained, we identify open research problems and future directions to improve ransomware resilience in CPS environments.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

网络物理系统中的勒索软件：分类、案例研究、安全漏洞和公开挑战

勒索软件攻击已成为全球组织面临的最重要的网络威胁之一。近年来，勒索软件也开始瞄准关键基础设施和网络物理系统（CPS），如工业控制系统、智能电网和医疗保健网络。CPS 独特的攻击面和安全关键性为防御勒索软件带来了新的挑战。本文全面概述了勒索软件对 CPS 的威胁。我们提出了一种双重分类法，根据感染载体、目标、目的和技术属性对针对 CPS 的勒索软件攻击进行分类。通过对 10 起真实事件的分析，我们强调了针对关键系统和设施的勒索软件活动的攻击模式、漏洞和影响。根据所获得的见解，我们确定了改进 CPS 环境中勒索软件复原力的开放研究问题和未来方向。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Internet of Things and Cyber-Physical Systems

CiteScore

13.80

自引率

0.00%

发文量