Research


Content Analysis of Job Advertisements

This paper explores key themes found within four different advertisements for cybersecurity jobs through content analysis. Content analysis is the process of breaking down a piece of content into smaller pieces and assigning labels based on specific categories in order to discover the underlying meanings and trends (LaFever, n.d.). The job advertisements in question are those for cybersecurity analyst and adjacent positions within the field of cybersecurity, whose main responsibility is to use knowledge and expertise in the cyber threat landscape and IT infrastructure to properly assess and protect an organization from cyber threats. The purpose of this research is to inform cybersecurity students about the typical working conditions of cybersecurity jobs and to help them improve their portfolios and resumes through the discovery and exploration of underlying meanings and trends found within specific cybersecurity job advertisements (Harper, 2012). Specifically, cybersecurity students are informed about typical pay range, benefits, hours, responsibilities, and work culture, and are able to improve their portfolios and resumes through findings on the most relevant credentials: expected educational experience, work experience, and certifications.

The job advertisements analyzed in this paper are those for a cybersecurity analyst and adjacent positions, such as junior security engineer and security operations center analyst. These positions have focuses and responsibilities mainly pertaining to information technology infrastructure, the cyber threat landscape, risk assessment, risk mitigation, and policy review or compliance. All four advertisements were listed as full-time employment positions and listed responsibilities identical or adjacent to those mentioned above. These tasks typically align with most cybersecurity degree curriculums and disciplines, and as such are tasks or environments that students are amply prepared for when going into the workforce. The largest experience gap when entering a specific organization in a cybersecurity position is typically the specific software and programs that the organization uses, which are typically user friendly and taught to employees as soon as they join. Across the four cybersecurity job advertisements, most offered a variety of employment arrangements depending on employee and organizational needs, such as entirely in-person work, entirely remote work, or hybrid work, which is a combination of both in-person and remote work. As such, in-person positions would involve daily travel, hybrid positions would be determined by the workplace but typically involve travel two to three times a week, and remote positions would involve travel very infrequently.

Across the four cybersecurity job advertisements, the expected academic experience was typically at the bachelor's degree level, with applicants expected to have at least a bachelor's degree in cybersecurity or a similar field, such as computer science or information systems, although the advertisements occasionally noted that a surplus of in-field work experience could make up for that. As for the expected cybersecurity field work experience, most organizations were expecting at least one to two years of prior experience in the field from applicants, although they occasionally noted that a higher level of education, such as a master's degree, could make up for that. As for certifications, the cybersecurity job advertisements reviewed generally either did not mention any single certification requirement but noted that certifications were highly preferred or taken note of, or they specifically mentioned the CompTIA Security+ or the Certified Information Systems Security Professional, or CISSP for short. This is because the CompTIA Security+ and CISSP are widely recognized certifications that many professionals in the field are required or recommended to obtain early in their careers, and they certify that the holder has a foundational understanding of cybersecurity and information systems when going into a position in the field. As such, the requirements for these positions are typically easily obtainable for most cybersecurity professionals straight out of college, as they will typically obtain the relevant certifications as necessary, as well as the one to two years of work experience, while obtaining their bachelor's degree in cybersecurity or a related field.

On top of specific educational, work, and certification requirements, applicants are widely expected to collaborate closely and often with other individuals within these organizations. As such, it is a requirement that applicants are confident in their communication, teamwork, and potentially customer service skills. This requirement, although not written outright, is mentioned across most of the advertisements for these kinds of positions and is a skill that can be picked up and refined through most types of work experience in any field, academic experience working with peers, or participation on a sports team or competitive team of almost any kind. Similarly, general skills and foundational knowledge are expected of applicants, which is further reinforced by the requirements set for academic and work experience as well as industry-specific certifications. As for these cybersecurity job advertisements' coverage of benefits, there was a large variance across the various posts: some would not mention benefits much if at all, others would fully list out a plethora of the different benefits they offer to employees, and some would mention a benefits package without listing its contents. As for the organizations themselves, they varied widely in history and size, with establishment dates ranging from over a hundred years ago to several decades ago and workforces ranging from a few hundred or thousand employees to tens of thousands.

Through this paper, students were informed about the conditions of cybersecurity analyst and adjacent positions, such as typical pay range, benefits, hours, responsibilities, and work culture, and are able to improve their portfolios and resumes through findings on the most relevant credentials: expected educational experience, work experience, and certifications. This paper specifically focused on the presence of repetition among the four different cybersecurity job advertisements in order to understand the importance placed on specific aspects of the advertisements (Burry, 2022). By understanding the findings of this research, cybersecurity students are able to better prepare themselves for the cybersecurity workforce and their expected day to day, as well as more intrinsic focus points such as benefits, pay range, and commuting options. Furthermore, cybersecurity students are better equipped to create a portfolio that best reflects their relevant skill sets and the industry-specific certifications or soft skills that will make them more marketable to employers, such as by focusing on sought-after certifications like CompTIA Security+ or CISSP, as well as outlining specific academic artifacts that demonstrate their experience with important aspects of cybersecurity such as Windows environment traversal, next generation firewalls, network layout creation, and general scripting proficiency. Cybersecurity students are also better prepared to highlight the important aspects of any cybersecurity internship or work opportunities they have taken on within their portfolio, to better convey their relevant experience with a previous organization and the skills that can translate over into new places of employment. By making use of these discoveries, cybersecurity students can have newfound confidence when stepping into the next part of their cybersecurity careers, knowing exactly what to put on their applications.

References

Burry, M. (2022, February 1). How to Decode a Job Advertisement. The Balance. https://www.thebalancemoney.com/how-to-decode-a-job-advertisement-2061002

Harper, R. (2012). The collection and analysis of job advertisements: A review of research methodology. Library and Information Research, 36(112), 29-54. https://doi.org/10.29173/lirg499

LaFever, K. (n.d.). Content Analysis [PowerPoint]. Cybersecurity Department of Old Dominion University. https://canvas.odu.edu/courses/163600/files/37294767

1. https://www.indeed.com/cmp/Ally-Financial/jobs?jk=9a91573cb9a98cf8&start=0&clearPrefilter=1

2. https://www.indeed.com/cmp/Honeywell/jobs?jk=6556578ea67592cd&start=0&clearPrefilter=1

3. https://www.indeed.com/cmp/Sharonview-Federal-Credit-Union/jobs?jk=72cecf081637657c&start=0&clearPrefilter=1

4. https://www.indeed.com/cmp/New-Braunfels-Utilities/jobs?jk=46b66dd3c3790144&start=0&clearPrefilter=1


Autonomous Vehicles: Addressing Security Concerns and Remedies

Parker Fitch

College of Cybersecurity 

Old Dominion University

Hampton Roads, Virginia

Abstract—This paper focuses on identifying security vulnerabilities, breaches, or attacks within autonomous vehicles, specifically looking at devices, protocols, and applications involved, while also elaborating on the impact of these issues on the present day and future transportation.

  I. Introduction

Autonomous vehicles, also sometimes referred to as intelligent connected vehicles or smart cars, are vehicles that use advanced technologies to perform automated functions, typically including transportation and navigation, with little or no input from a human operator. Autonomous vehicles have already been on the road for years and are a heavily discussed subject because of the convenience and intrigue around them as well as the security concerns. It is only natural that as technology advances, the number of vulnerabilities through which we can be attacked increases, and the same applies to autonomous vehicles.

The impacts of a successful attack on an autonomous vehicle are clear to see and could easily cause asset loss, injuries, and even casualties. As such, it is more important than ever that organizations producing autonomous vehicles implement security by design and focus on securing their products as best as possible to reduce the possible damages. This paper will discuss some of the currently known security vulnerabilities associated with autonomous vehicles, specifically looking at the devices, protocols, and applications involved, while also elaborating on the impact of these issues on present day and future transportation.

  II. Vulnerabilities

Autonomous vehicles make use of a variety of advanced technologies in order to facilitate autonomous driving functionalities. To list just a few, this involves various sensors, cameras, switches, connectors, and chips, and as such the vehicle is vulnerable to attacks that attempt to exploit any of those pieces of technology. One of the most common vulnerabilities seen in autonomous vehicles is exploitation of the vehicle's sensors in an attempt to spoof or trick them. For example, attackers have shown that it is possible to spoof an autonomous vehicle into believing there is a car next to it when there isn't, by using technology that mimics the outputs typically associated with other vehicles on the road, as noted in [6] and [7].

Doing so can trick the autonomous vehicle into reacting in a way that may be dangerous to the car itself as well as its passengers, by making it believe another car is about to crash into it and causing it to swerve out of the way. Similarly, the autonomous vehicle can be tricked into believing that there is suddenly a vehicle too close in front of it to stop in time, forcing it to change course into other lanes or vehicles in order to avoid a head-on collision. Of course, these sorts of attacks are not common, as it isn't nearly as practical to pull off such a spoofing attempt on the road as it is in a controlled environment, but the fact that such an attack works even as a concept raises enough security questions on its own.

Another common attack that has been demonstrated on intelligent connected vehicles takes advantage of the vehicle's extremely advanced computer systems and automated functions: the attacker gains access to parts of the system and then uses horizontal escalation attempts to gain complete control over the car, even while it is driving. The attackers are then able to perform a variety of actions that can be extremely detrimental to the vehicle itself as well as its passengers. This could range anywhere from continuously spraying windshield wiper fluid to obscure the driver's vision, to causing the brakes to be slammed while in heavy traffic on the freeway, either of which could have severe consequences.

These attacks have even been proven to work remotely in a controlled environment, given certain circumstances, certain technology, and insider information. Autonomous and intelligent connected vehicles are specifically vulnerable to horizontal escalation attacks, also commonly known as privilege escalation attacks, because of their reliance on internet connectivity, complex software, complex hardware, and human elements all together. Once again, this is an example of an extremely detrimental attack that is much harder to pull off outside of a controlled environment but that raises a number of security concerns about autonomous and intelligent connected vehicles simply by existing, even as a concept, as explained in [2].

  Further Vulnerabilities
  1. Radar spoofing/manipulation
  2. LiDAR spoofing/manipulation
  3. Camera Obstruction
  4. Computing malfunction
  5. Forced denied computing functionality
  6. Inertial sensor spoofing/manipulation
  7. Ultrasonic spoofing/manipulation
  8. Power transmission spoofing/manipulation
  9. GPS spoofing/manipulation
  10. Environmental perception blocking

Autonomous vehicles, like any other internet-connected smart device with high functionality, are susceptible to a variety of field-standard attacks. Potentially one of the most prominent is the inherent vulnerability to malware, which can propagate itself on computer systems such as those of autonomous or intelligent connected vehicles and perform a variety of malicious actions against the system. The most prominent way for malware to make its way onto an autonomous or intelligent connected vehicle's system is through a connection, either wired or over the internet, with a device that is already infected with malware, which creates a link between the infected device and the vehicle's systems.

This is only the most common route; malware can reach vehicle systems in a number of ways, similar to most computing devices. Autonomous or intelligent connected vehicles are especially vulnerable to malware acting as a gateway attack, either by allowing access to the computer systems entirely or by allowing partial access and siphoning sensitive information from the vehicle back to home base. The attacker can then gain further access after acquiring specific information about the system's internal processes and looking for potential vulnerabilities based on the statistics received.

As described above, the introduction of malware into an autonomous or intelligent connected vehicle's computer systems can lead to mainly two types of direct results. The first is a back door connection through which those who profit from the malware receive sensitive information from the autonomous or intelligent connected vehicle via its cameras, dashboard, sensors, microphone, etc. This can lead to potential leaks of personally identifiable information, confidential information, and other similarly sensitive personal information, which can be used as blackmail or to cause damage to the individuals using and around the vehicle as well as those affiliated with them.

The other result that can come about from the introduction of malware onto an autonomous or intelligent connected vehicle's computer systems is a complete takeover of the computer's automatic functions after a successful privilege escalation attack has taken place. For reference, a privilege escalation, or horizontal escalation attack, is performed in this situation by making use of the partial privileges gained by the attacker via the introduction of malware onto the system and then using those privileges to gain unauthorized access to more information or, in most cases, a higher level of authority on the system.

This part of the privilege escalation attack can be done in a number of ways, either directly by gaining access to credentials in order to escalate authority within the computer system environment, or by performing additional attacks to gain access to previously restricted functions and levels. This is specifically done through practices such as credential exploitation and other attacks that target the password, such as dictionary or brute force attacks, or by exploiting the software within the computer systems themselves.

Once the attack has succeeded in gaining escalated privilege within the autonomous or intelligent connected vehicle's computer systems environment, the attacker can establish a new root back door and maintain continued control over it remotely and persistently in order to compromise most if not all functionalities, such as steering, braking, window wipers, airbags, etc. Depending on the capabilities of the specific vehicle that has been compromised, the attacker can perform a variety of malicious attacks on the vehicle, doing essentially whatever they please, whether exploiting the information of the vehicle's users or causing damage to the car itself, its passengers, and those around them.

Another vulnerability that autonomous vehicles or intelligent connected vehicles face comes from the organizations that produce them and their components, as well as the individuals behind the production process. That is, the production process and the specific organization responsible for it carry their own threat vectors, which factor heavily into the vulnerabilities of the vehicles. Specifically, threat vectors are introduced in how the vehicles are produced and in the decisions on hardware, software, and general security measures that are taken and updated to combat potential threats to the vehicles and their users. Examples include targeted threats against the hardware, software, and security measures used, as well as manufacturing line vulnerabilities and insider threats.

Manufacturing line vulnerabilities can exist and affect autonomous vehicles or intelligent connected vehicles in a number of ways. Manufacturing line vulnerabilities are, as the name suggests, vulnerabilities that exist specifically because of the manufacturing lines that produce hardware and equipment for these vehicles. A similar notion is true for the production and procurement process of the software used in these vehicles, but that is a separate issue in and of itself. Manufacturing line vulnerabilities typically come about when a bad actor, either internal or external, manipulates or makes use of the manufacturing line in an attempt to compromise the end product's systems or to cause unintended results through the specific design of the hardware, the way it is implemented, or add-ons that are detrimental to the security of the systems upon installation.

Insider threats also exist and serve as their own independent threat vector affecting autonomous vehicles or intelligent connected vehicles. Specifically, as mentioned above, an insider threat could include a worker on the assembly line or a manager with the capability to cause malicious results in the end product or the overall security of the systems by changing something within the manufacturing line without immediately being found out, such as installing devices or chips that allow for a back door to the vehicle's computer systems.

Another example of an insider threat could exist within the organizations that produce and maintain the autonomous vehicles or intelligent connected vehicles directly, with insiders abusing their authority or work privileges to gain access to the vehicles without the knowledge of the vehicles' users. This is an especially real threat, and it is even more dangerous in how it bypasses the intended security measures of the autonomous vehicles or intelligent connected vehicles, since the insiders do have authority and are simply misusing it rather than gaining unauthorized access to the systems as an attacker would.

This is oftentimes especially dangerous since it is done without any knowledge of the owners and users of the autonomous vehicles or intelligent connected vehicles, and it is often done in a way that violates their privacy and can lead to the potential leak of their sensitive information or personally identifiable information. Examples of this have already been realized in major organizations that produce and maintain autonomous or intelligent connected vehicles and have raised public concern and discussion.

  III. Vehicle Components

Through the research used for this paper, it was found that the most vulnerable and most heavily used technologies, devices, or protocols involved in attacks on autonomous and intelligent connected vehicles were mainly sensors, cameras, automated car components (i.e. windshield wipers, brakes, airbags, etc.), computer systems, and Bluetooth connectivity. That is to say, these elements within autonomous and intelligent connected vehicles were the most commonly exploited. This is most likely due to their inherent ability to obscure the driver's vision, prevent the driver from driving correctly, or cause the car itself to malfunction while on the road.

As such, these elements of autonomous and intelligent connected vehicles are extremely important to secure and deserve special attention when designing these vehicles. The computer system and the smart or internet of things devices within autonomous and intelligent connected vehicles are specifically dangerous, as they create a completely new threat vector for vehicles that did not previously exist. In some cases they are vulnerable to attacks such as horizontal escalation attacks, which in certain situations, as described above, can lead to infiltration of the car's control systems, which is extremely detrimental to the car itself and its passengers.

Even on a much less drastic level, a smaller horizontal escalation that is unable to gain complete access to control functions could still set up a back door to the system and, depending on the setup of the vehicle, could siphon sensitive information from the car itself or the passengers via cameras, sensors, or other data-driven devices connected to the vehicle. Similarly, Bluetooth connection functionalities within autonomous and intelligent connected vehicles also create a new threat vector that attackers can exploit in order to gain access to the vehicle systems in a number of ways.

Being able to gain access to Bluetooth functionalities in and of itself could cause problems, even just by playing extremely loud and distracting audio in an attempt to make the driver lose focus or scramble to change the audio settings in a way that could lead to an accident. When more advanced attacks are able to gain partial access to the control functionalities of an autonomous vehicle, almost every automated functionality can be abused in a malicious way. One example is automatic airbag deployment systems, which can easily cause bodily harm and obstruct the driver's view if they are deployed without the proper precautions or at the wrong time, and which, depending on the build, can also be disorienting by nature of how loud and obstructive their deployment process is.

  Other Components
  • Radar
  • LiDAR
  • Cameras
  • Sensors
  • Artificial intelligence
  • GPS 
  • Ultrasonic
  • Computing systems
  • Inertial sensors
  • Map
  • Power
  • Bluetooth
  • Environmental Perception

The self-driving and navigation abilities of autonomous vehicles are derived from the combination of a variety of different components, such as the ones listed above, which are used together harmoniously and instantaneously to allow for a sort of computer vision that accounts for all the necessary variables while driving. These components are used to their utmost efficiency to ensure that autonomous vehicles are able to perform their self-driving capabilities in their entirety, accounting for the road and driving lanes themselves, as well as other cars, foreign obstacles on the road, lights changing, necessary lane changes, road work, weather conditions, traffic conditions, etc., in order to ensure a safe driving environment for the user as well as the vehicle itself and other drivers on the road.

This is an extremely complex process that not only makes use of a variety of different physical hardware but also complex software and extremely large data sets that are rapidly being collected, analyzed, and adapted for the sake of allowing such an autonomous vehicle to operate properly. As such, the ability of an attacker to detrimentally affect these processes, hardware, or software in any way, shape, or form could lead to unintended consequences for the car itself and its passengers, as well as other drivers on the road around them. Attackers can also cause interpersonal or personal damage to individuals using compromised vehicles such as these by siphoning personally identifiable information or other sensitive information and using it to exploit the individual or their affiliated accounts or organizations.

Autonomous vehicles or intelligent connected vehicles are also at the mercy of other vehicle components, specifically those that aren't meant to be there. This refers to vehicle components that are added without proper authorization, whether via a manufacturing line vulnerability, an insider attack, or an external attack, by attaching or incorporating unknown and often malicious hardware or software into the autonomous vehicles or intelligent connected vehicles. These installations or incorporations of unwanted and unintended software or hardware are almost always unknown and hard to identify without the proper precautions being taken throughout the various steps of the car's production process and maintenance.

This can be done in a number of ways and with different intentions, but the improper installation and inclusion of malicious software or hardware within these complex vehicle computer systems can lead to many unintended results and a generally weaker security posture for the vehicle. These unintended yet included vehicle components can range from computer chips, to physical driving obstructions, to tracking devices and the like, and each presents its own unique risks to users of autonomous vehicles or intelligent connected vehicles as well as the vehicles themselves and other drivers or individuals around them.

  IV. Impacts

The impacts of these issues are clear to see: the inability to properly secure autonomous and intelligent connected vehicles could easily lead to a loss of trust in them, as well as loss of assets, injury to individuals, and potentially even casualties. As such, the importance of security by design within these vehicles cannot be overstated; it should ensure the safety of all parties involved above all, such that attacks and vulnerabilities cannot feasibly be used by malicious entities to cause any sort of suffering, as discussed in [1]. The impact of these issues today is the potential for malicious activity enabled by these vulnerabilities, or by any vulnerabilities known or unknown, against autonomous vehicles.

It is important to note that this is not an issue that concerns only those interested in owning or using autonomous vehicles, but anyone anywhere in the world. With the increasing popularity of autonomous and intelligent connected vehicles, their potential impacts are widespread: an accident caused by exploiting any of their vulnerabilities could cause damage not only to the autonomous or intelligent connected car itself and its passengers but also to anyone else on the road or anywhere potentially affected by a crash. It is no stretch to say that vulnerabilities in autonomous and intelligent connected vehicles could very well cause civil unrest if they ever become a big enough or widespread enough issue and are successfully exploited by malicious entities.

The impacts of these issues on future transportation are also clear to see. If these issues and vulnerabilities are not addressed, any of the above cases could come to fruition and wreak havoc on modern society and the individuals within it with massive repercussions, as noted in [4] and [5]. As such, it is especially important that future autonomous and intelligent connected vehicles are developed with security by design, with a heavy focus on reducing the threat vectors of these vehicles while keeping them efficient and convenient for the purposes of future transportation, as noted in [3].

  V. Conclusion

Overall, it can be said that autonomous vehicles are an extremely important part of our society’s future and they will be instrumental and much more widely used in the future. As such, it will be even more important and evident that autonomous vehicle producers should implement security by design and should heavily focus on the importance of securing these systems such that the potential risks are mitigated, especially those outlined within this paper as well as those that have yet to be discovered and explored. 

These points stand to make it clear that in order to balance the benefits of autonomous vehicles or intelligent connected vehicles with the risks of them, the necessary precautions and measures must be taken to ensure the security of these systems from both internal and external threats that they are faced with. Furthermore, it is important that these design concepts and security measures are future proofed and constantly being upgraded to match the malicious efforts of bad actors attempting to exploit autonomous vehicles or intelligent connected vehicles for their own individual gain or to cause damage in order to further an organizational effort.

References 

[1] A. Giannaros, A. Karras, L. Theodorakopoulos, C. Karras, P. Kranias, N. Schizas, G. Kalogeratos, and D. Tsolis, Autonomous Vehicles: Sophisticated Attacks, Safety Issues, Challenges, Open Topics, Blockchain, and Future Directions, J. Cybersec. Priv. 2023. [E-book] Available: MDPI e-book

[2] A. Chowdhury, G. Karmakar, J. Kamruzzaman, A. Jolfaei and R. Das, “Attacks on Self-Driving Cars and Their Countermeasures: A Survey,” in IEEE Access, vol. 8, pp. 207308-207342, 2020, Available: IEEE, https://ieeexplore.ieee.org/document/9257492 [Accessed: April 14, 2024].

[3] J. Yang, Q. Ni, G. Luo, Q. Cheng, L. Oukhellou and S. Han, “A Trustworthy Internet of Vehicles: The DAO to Safe, Secure, and Collaborative Autonomous Driving,” in IEEE Transactions on Intelligent Vehicles, vol. 8, no. 12, pp. 4678-4681, Dec. 2023, Available: IEEE, https://ieeexplore.ieee.org/document/10334017 [Accessed: April 14, 2024].

[4] H. Lechte and J. Menck, “Exploring the impact of data breaches and system malfunctions on users’ safety and privacy perceptions in the context of autonomous vehicles” (2022). WISP 2022 Proceedings. 20. Available: Wisp, https://aisel.aisnet.org/wisp2022/20 [Accessed: April 14, 2024].

[5] Y. Qin, H. Li and H. Rong, “Research on Threat Identification and Protection Methods for Information Security of Intelligent Connected Vehicles,” 2023 2nd International Conference on Artificial Intelligence and Autonomous Robot Systems (AIARS), Bristol, United Kingdom, 2023, pp. 248-251, Available: IEEE, https://ieeexplore.ieee.org/document/10285291 [Accessed: April 14, 2024].

[6] C. Irvine, “Autonomous vehicle technology vulnerable to road object spoofing and vanishing attacks,” news.uci.edu, February 29, 2024. [Online]. Available: https://news.uci.edu/2024/02/29/autonomous-vehicle-technology-vulnerable-to-road-object-spoofing-and-vanishing-attacks/ [Accessed: April 14, 2024].

[7] E. White, “Autonomous Vehicles Are Vulnerable To Lidar Hacking, Researchers Say,” autoweek.com, March 1, 2024. [Online]. Available: https://www.autoweek.com/news/a60043383/autonomous-vehicles-hacking-spoofing/ [Accessed: April 14, 2024].


The Importance of Cybersecurity Standards in Critical Infrastructure

Parker Fitch

Old Dominion University

CYSE 250: Basic Cyber Programming and Networking

Hind Aldabagh

April 23, 2023

Key Words: Cybersecurity, Critical Infrastructure, Standards

Abstract

This research paper discusses the importance of cybersecurity standards in critical infrastructure by highlighting the impact that cybersecurity events can have on society or an economy, the potential for critical infrastructure facilities to be targets of cyber warfare, and the benefits of having standards in place for cybersecurity within those facilities. After looking at the three main factors that define why cybersecurity in critical infrastructure is so important, the research paper will explain some details of existing guidelines that give future standards a reference to adhere to in their implementation processes.

Introduction

Cybersecurity is the field which addresses the protection of electronic data from unauthorized, criminal, or unintended use. Critical infrastructure is defined as facilities that are deemed worthy of national security because their functioning is imperative to the wellbeing of a society and economy. Cybersecurity in critical infrastructure is the presence of factors that protect electronic data from unintended use within facilities that are deemed worthy of national security because their functioning is imperative to the wellbeing of a society and economy. The idea of cybersecurity standards within critical infrastructure means that there is the presence of legal guidelines which require a minimum level of cybersecurity to be present within all critical infrastructure facilities. All critical infrastructure industries use electronic data throughout their services via technology on a large scale. This paper explains that cybersecurity standards in critical infrastructure are important because of the impact that cyber events occurring in critical infrastructure facilities can have on society or an economy, the potential for them to be targets of cyberwarfare, and the benefits of having standards in place for cybersecurity within critical infrastructure facilities.

Results and Findings

Cyber events are typically defined as occurrences in which the functioning of a process is impeded by the unintended use of electronic systems. More often than not, these cyber events are caused by a cyber attack gaining unauthorized access to electronic data, which then causes denial of service, damage to the systems, or other reactions that can slow down or stop the intended functioning of the systems. A major cyber event occurring within a critical infrastructure facility could have catastrophic consequences. To put it into perspective, there are 16 critical infrastructure sectors: the chemical sector, communications sector, dams sector, emergency services sector, financial services sector, government facilities sector, information technology sector, transportation systems sector, commercial facilities sector, critical manufacturing sector, defense industrial base sector, energy sector, food and agriculture sector, healthcare and public health sector, nuclear reactors, materials, and waste sector, and water and wastewater systems sector. If a major cyber event were to occur in the energy sector, for example, and managed to cause an accident in a nuclear power plant, the potential damage and loss of life would be comparable to that of a targeted natural disaster. Even in a slightly better scenario where no accident leading to loss of life occurs, if a major cyber event were capable of shutting down various facilities that produce large amounts of power for the nearby communities, it would suddenly become impossible for those communities to live their lives normally, which could greatly impact the community and in turn lead to loss of jobs. Losing power in those communities could also indirectly lead to loss of life if emergency facilities such as hospitals or police stations lose power even for a short period of time.
It is clear that the damage cyber events can do to society and the economy is potentially drastic; as such, it is important that cybersecurity standards are in place for critical infrastructure facilities.

Cyber warfare is defined as the usage of computer technology or systems to purposefully interrupt the functioning of information systems inside facilities with strategic intent. Given how important critical infrastructure facilities are to a nation’s society and its economy, as well as the damage that targeted attacks on them can cause, it’s clear to see why they are prime targets for acts of cyber warfare. Cyber warfare is becoming ever more important within the realm of modern warfare, especially with the increased reliance on technology systems within critical infrastructure facilities across the globe. Recent history has proven time and time again just how effective cyber attacks can be as a strategic weapon between two opposing forces. Critical infrastructure facilities are prime targets in the same way that government and military facilities are, and they are targeted in cyber warfare for similar strategic purposes. As such, the importance of cybersecurity standards within critical infrastructure becomes even more apparent. With a red target painted on the back of every critical infrastructure sector in existence, it stands to reason that the utmost care is to be taken to ensure that critical infrastructure facilities don’t act as a vulnerability to national security. Cyber attacks can be used by nation states on other nation states in a variety of ways during cyber warfare. The three main ways that cyber attacks can be utilized against critical infrastructure facilities are damaging information systems and preventing them from functioning, taking the information systems hostage, so to speak, by encrypting them with malware, and harming society or the economy by altering the information systems without the operators knowing so that detrimental incidents occur. The importance of improving cybersecurity systems within critical infrastructure is only further highlighted by these facts.

The benefits of having cybersecurity standards in place within critical infrastructure systems are numerous. One of the most notable benefits is the guarantee that these facilities will be running their cybersecurity programs to an acceptable level, as ascertained by the government, in a way that best ensures minimal cyber events occur, if any at all. The use of cybersecurity standards within critical infrastructure also benefits the government by allowing it to readily update the standards to match advancements in technology as they come along. Another notable benefit is the convenience of being able to share information much more easily across the sectors concerning patterns of attempted cyber attacks, potential vulnerabilities, and general diagnostic information. Cybersecurity guidelines have been around for many years, with the most notable being NIST’s Framework for Improving Critical Infrastructure Cybersecurity, which outlines what standards should strive to implement, although it takes a more voluntary approach than traditional standards. NIST’s figure on risk management and implementation processes is shown below and outlines the cycle that organizations go through when deciding how to manage risk and implementation properly. This figure gives a great explanation of how the cybersecurity process typically goes in most companies and organizations.

Figure 2 from National Institute of Standards and Technology. (2014). Framework for Improving Critical Infrastructure Cybersecurity. https://www.baltimorecityschools.org/sites/default/files/inline-files/NIST.CSWP_.04162018.pdf

Conclusion

This paper has discussed the impact that cyber events occurring in critical infrastructure facilities can have on society or an economy, the potential for those facilities to be targets of cyberwarfare, and the benefits of having standards in place for cybersecurity within them, which together explain why cybersecurity standards in critical infrastructure are important. The explanation of how cyber events within critical infrastructure facilities can impact society and the economy established why this matter is important. It also explained why these facilities are often targets for cyber warfare and helped to show the legitimacy of the benefits that come with implementing cybersecurity standards within them. It is important that as the threats to cybersecurity increase, so do the cybersecurity standards in order to keep up with them.

References

Construction cybersecurity and critical infrastructure protection: New … (n.d.). Retrieved April 17, 2023, from https://www.researchgate.net/profile/Borja-Garcia-De-Soto-2/publication/361327630_Construction_cybersecurity_and_critical_infrastructure_protection_New_horizons_for_Construction_40/links/62aae05623f3283e3aeae019/Construction-cybersecurity-and-critical-infrastructure-protection-New-horizons-for-Construction-40.pdf

Cyber security training for critical infrastructure protection: A literature review. Computer Science Review. Retrieved April 16, 2023, from https://www.sciencedirect.com/science/article/pii/S1574013721000010

Framework for improving critical infrastructure cybersecurity, version 1. (n.d.). Retrieved April 17, 2023, from https://www.baltimorecityschools.org/sites/default/files/inline-files/NIST.CSWP_.04162018.pdf

Oapen. (n.d.). Retrieved April 17, 2023, from https://library.oapen.org/bitstream/handle/20.500.12657/47324/9783030290535.pdf?sequenc

Review of cybersecurity issues in industrial critical infrastructure: Manufacturing in perspective. Taylor & Francis. Retrieved April 16, 2023, from https://www.tandfonline.com/doi/full/10.1080/23742917.2016.1252211

Understanding the challenge of cybersecurity in critical infrastructure … (n.d.). Retrieved April 17, 2023, from https://sciendo.com/downloadpdf/journals/raft/26/1/article-p69.xml