Article Preview
TopIntroduction
Recent attacks on critical infrastructure including ransomware events on pipelines (Turton & Mehrotra, 2021), airline maintenance systems (Ikeda, 2020) and food processing facilities (Makortoff, 2021) highlight the growing disruptive impacts cyberattacks have on systems that support modern society. Increased integration of information technology creates the potential for incidents by malicious actors whose actions generate strategic consequences that remain largely unexplored (Harry, 2020; Harry & Vivek, 2021). Of particular concern are novel transportation risks due to the rise of connected vehicles and intelligent transportation infrastructures. Yet despite the demonstrated ability to generate localized effects on specific vehicles, network segments, or persons, little effort has been devoted to assessing strategic consequences in transportation systems generally. Such information is an essential part of developing comprehensive national strategies that promote national cybersecurity resilience in transportation infrastructures.
This paper addresses the question of how do we measure the emergent strategic consequences of differing cyberattack strategies on road networks? More specifically, what targeting strategies generate the largest fragmentation of road networks disrupting the movement of cargo or passengers, and how does that inform policy maker decisions about where to invest their scarce resources? Answering these questions directly addresses policy maker objectives of measuring strategic cybersecurity risk and reducing the benefits gained by malicious actors by providing analysis that informs a comprehensive and strategic defensive approach.
This paper proceeds in four sections. The literature review section explores both the policy impetus for addressing strategic consequences of cyberattacks on road infrastructure, as well as the academic literature that discusses vulnerabilities to internet connected vehicles and road infrastructure. The methodologies section develops novel network based methods in combination with location based data sources to analyze disruption to road infrastructure from three distinct cyber targeting strategies. This section focuses the analysis of disruption to road infrastructure by exploring a specific case, Washington D.C. The data includes historical data sets of origin and destination points from SafeGraph and road network information from the Python package OSMnx that obtains urban road network data from OpenStreetMap and is used to develop a graph model of commuters in the city. The results section quantifies the impact of three distinct targeting strategies that seek to disrupt both the efficiency and accessibility of surface road trips between origin and destination points on the D.C. road network. Finally, the discussion and conclusion from the results are placed in a policy context that frames the problem of securing roadside infrastructure as a multifaceted defense of the entirety of the attack surface: signaling, vehicles, and people.
Results from the analysis suggest that highly targeted attacks on ten or fewer signaling systems represent the single most efficient disruptor of shortest time routes (defined as the route disruption achieved over the number of intersections impacted). However, location agnostic supply chain attacks on vehicles or disinformation attack strategies also have the potential to generate substantial disruption to the same road network when hundreds to thousands of systems are attacked. Further, we find that while a targeted attack on ten signaling systems at strategic locations would disrupt a third of shortest time routes, a majority of these trips remain accessible albeit through sub optimal paths. In order to make a third of the trips inaccessible even through sub optimal paths, an order of magnitude more signaling systems would need to be targeted. This highlights the potential for reducing transportation based impacts of cyberattacks through prioritizing traffic and coordinated rerouting; effectively contributing to a multi-layered deterrence strategy that requires significant coordination efforts among policy makers and the private sector to align defensive investments among local municipalities, car manufacturers, and specific IT application manufacturers.