skip to main content

Ransomware in Industrial Control Systems

Project

Project Details

Program
Computer Science
Field of Study
Computer Science and Engineering
Division
Computer, Electrical and Mathematical Sciences and Engineering

Project Description

According to a recent report, ransomware attacks on industrial entities increased more than 500% from 2018 to 2020. What is more, in 2020, ransomware, targeted ransomware, supply chain breaches and cloud connectivity all emerged as top-of-mind concerns for security teams at industrial enterprises. One of the biggest cyberattacks in history – the SolarWinds Orion supply chain breach – impacted as many as 18,000 organizations, many of which were industrial enterprises with physical operations. As a result, this project will study effective defense-in-depth security strategies, ensure an understanding of network interdependencies, and conduct crown jewel analysis to identify potential weaknesses that could disrupt business continuity and production in the event of ransomwares.

About the Researcher

Charalambos Konstantinou
Associate Professor, Electrical and Computer Engineering
Computer, Electrical and Mathematical Science and Engineering Division

Affiliations

Education Profile

  • PhD, New York University, 2018
  • MS, National Technical University of Athens, 2013
  • BS, National Technical University of Athens, 2013

Research Interests

a€‹Professor Konstantinou's research interests are in secure, trustworthy, and resilient cyber-physical and embedded IoT systems. He is also interested in critical infrastructures security and resilience with special focus on smart grid technologies, renewable energy integration, and real-time simulation.

Selected Publications

  • I. Zografopoulos, J. Ospina, X. Liu, and C. Konstantinou, ""Cyber-Physical Energy Systems Security: Threat Modeling, Risk Assessment, Resources, Metrics, and Case Studies,"" in IEEE Access, vol. 9, pp. 29775-29818, 2021, doi: 10.1109/ACCESS.2021.3058403.
  • C. Konstantinou, ""Cyber-Physical Systems Security Education Through Hands-on Lab Exercises,"" in IEEE Design & Test, vol. 37, no. 6, pp. 47-55, Dec. 2020, doi: 10.1109/MDAT.2020.3005365.
  • O. M. Anubi and C. Konstantinou, ""Enhanced Resilient State Estimation Using Data-Driven Auxiliary Models,"" in IEEE Transactions on Industrial Informatics, vol. 16, no. 1, pp. 639-647, Jan. 2020, doi: 10.1109/TII.2019.2924246.
  • C. Konstantinou, et al., ""GPS spoofing effect on phase angle monitoring and control in a real-time digital simulator-based hardware-in-the-loop environment"", IET Cyber-Physical Systems: Theory & Applications, 2017, 2, (4), p. 180-187, doi: 10.1049/iet-cps.2017.0033
  • S. McLaughlin, C. Konstantinou, X. Wang, L. Davi, A. R. Sadeghi, M. Maniatakos, and R. Karri, ""The Cybersecurity Landscape in Industrial Control Systems,"" in Proceedings of the IEEE, vol. 104, no. 5, pp. 1039-1057, May 2016, doi: 10.1109/JPROC.2015.2512235.

Desired Project Deliverables

In this project, the students will examine the security issues of supply chain ransomware in industrial control systems (ICS) environments. One direction would be to investigate the applicability of unidirectional gateway technology to provide robust protection from such targeted attacks. Other methods include investigation of deep learning malware detector indicators.