Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Do Cyber Attacks Have A Tipping Point Where Catastrophic Effects Are Imminent?

The term “Tipping Point” is controversial because it has been so widely misused and loosely applied; two abuses that I often see in the cyber security marketplace. However, there are examples where a tipping point has been found to exist through more rigorously applied studies.

The term “Tipping Point” is controversial because it has been so widely misused and loosely applied; two abuses that I often see in the cyber security marketplace. However, there are examples where a tipping point has been found to exist through more rigorously applied studies.

One study showed the point where hospitals begin to fail resulting in the deaths of critically ill patients: “What our research revealed is that there is, in fact, a tipping point which was triggered strongly at midnight occupancy levels of around 92 per cent in our data. When the tipping point was exceeded, patients began dying in significant numbers.”

The risk of a fire turning into a firestorm due to the density of trees in a forest occurs at 59% density: “The risk of catastrophic fire does not increase in a linear relationship with the density of the forest. Instead there is a tipping point at about 59% density.”

My interest with tipping points have to do with critical infrastructure such as the power grid or transportation routes. A lot of papers have been written about cascading failures such as [1] and [2], however what would happen if a small terrorist group with moderate knowledge of industrial control systems wanted to create sustained or repeated outages? Think of the different regional grids in the U.S. as songs on an adversary’s playlist, and he just hit “Shuffle”. What would be the tipping point before social order in the U.S. would collapse?

I don’t know if there’s a good answer to that question, but I think it’s one that needs exploring. Therefore, I’ve organized a panel to address the issue from different angles at Suits and Spooks New York. Joining me will be Joe Weiss, an internationally known ICS expert and Dr. John Mallory of MIT.

If you’d like to hear this discussion and add your perspective, please register to join us at Suits and Spooks New York on June 20-21, 2014. This will be just one of many great panels and speakers. Suits and Spooks New York will mark the first SecurityWeek-branded two day event. Hope to see you there.

Footnotes:

[1] Saleh Soltan, Dorian Mazauric, Gil Zussman: Cascading Failures in Power Grids – Analysis and Algorithms

Advertisement. Scroll to continue reading.

[2] Paulo Shakarian, Hansheng Lei, Roy Lindelauf: Power Grid Defense Against Malicious Cascading Failure.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Cyberwarfare

Several hacker groups have joined in on the Israel-Hamas war that started over the weekend after the militant group launched a major attack.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cyberwarfare

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Cybercrime

On the first anniversary of Russia’s invasion of Ukraine, cybersecurity companies summarize the cyber operations they have seen and their impact.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...