
Abstract

Operational Technology (OT) infrastructures play a critical role in modern society and economy. However, their increasing connectivity with public networks such as the Internet has made them vulnerable to cyberattacks, much like traditional Information Technology (IT) systems. In particular, cyberattacks against OT infrastructures remain relatively underexplored and little understood. In this paper, we aim to deepen our understanding of cyberattacks against OT infrastructures. For this purpose, we propose a methodology, including novel cybersecurity metrics, to analyze the attack flows of these attacks in an end-to-end fashion. We demonstrate the utility of the methodology by applying it to characterize four real-world cyberattacks against OT infrastructures. This allows us to draw a number of insights, such as proactively disrupting attackers’ reconnaissance; segmenting within OT infrastructures, and from IT infrastructures, via zero trust; and disrupting attacks before they achieve their intended effects.
