To main content

Targeted Attacks against Industrial Control Systems: Is the Power Industry Prepared?


Targeted cyber attacks are on the rise, and the power industry is an
attractive target. Espionage and causing physical damage are likely
goals of these targeted attacks. In the case of the power industry,
the worst possible consequences are severe: large areas, including
critical societal infrastructures, can suffer from power outages. In
this paper, we try to measure the preparedness of the power industry
against targeted attacks. To this end, we have studied well-known
targeted attacks and created a taxonomy for them. Furthermore, we
conduct a study, in which we interview six power distribution system
operators (DSOs), to assess the level of cyber situation awareness
among DSOs and to evaluate the efficiency and effectiveness
of their currently deployed systems and practices for detecting and
responding to targeted attacks. Our findings indicate that the power
industry is very well prepared for traditional threats, such as physical
attacks. However, cyber attacks, and especially sophisticated
targeted attacks, where social engineering is one of the strategies
used, have not been addressed appropriately so far. Finally, by
understanding previous attacks and learning from them, we try to
provide the industry with guidelines for improving their situation
awareness and defense (both detection and response) capabilities.


Academic chapter/article/Conference paper





  • Norwegian University of Science and Technology
  • SINTEF Digital / Software Engineering, Safety and Security
  • University of California, Santa Barbara
  • University College London




Association for Computing Machinery (ACM)


CCS'14 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, AZ, USA — November 03 - 07, 2014 : SEGS '14 Proceedings of the 2nd Workshop on Smart Energy Grid Security




13 - 22

View this publication at Cristin