Depending on the amount of data to process, file generation may take longer.

If it takes too long to generate, you can limit the data by, for example, reducing the range of years.

Article

Download file Download BibTeX

Title

Estimating the vulnerability of industrial network infrastructure in Central and Eastern Europe

Authors

[ 1 ] ICT Security Department, Poznan Supercomputing and Networking Center (PSNC) | [ 2 ] Institute of Bioorganic Chemistry of the Polish Academy of Sciences, Jana Pawła II 10, 61-139, Poznań, Poland | [ 3 ] Chief Technology Officer, ICsec S.A., Wichrowa 1A, 60-449, Poznań, Poland | [ 4 ] Research and Development, Department, ICsec S.A., Wichrowa 1A, 60-449, Poznań, Poland | [ 5 ] Data Processing Technologies Division, Poznan Supercomputing and Networking Center (PSNC) | [ 6 ] nstitute of Bioorganic Chemistry of the Polish Academy of Sciences, Zygmunta Noskowskiego 12/14, 61-704, Poznań, Poland

Year of publication

2024

Published in

Security and Defence Quarterly

Journal year: 2024 | Journal volume: vol. 47 | Journal number: no. 3

Article type

scientific article

Publication language

english

Keywords
EN
  • Critical infrastructure
  • Cyberattack
  • Network security
  • Industrial control systems
  • National vulnerability
PL
  • Bezpieczeństwo społeczne
  • Bezpieczeństwo teleinformatyczne
  • Cyberatak
  • Infrastruktura krytyczna
  • Infrastruktura techniczna
  • Ubezpieczenia społeczne
Abstract

EN Industrial infrastructure has suffered an unprecedented number of attacks in Central and Eastern Europe (CEE). This situation can be attributed to many geopolitical factors, including hybrid military conflicts and criminal activity. Industrial networks belonging to the countries that were once under Soviet influence suffer from an elevated risk of cyberattacks. The goal of this work is to propose an easy way to estimate the vulnerabilities of industrial networks to cyber threats on a national level. Since analysis of the industrial vulnerability landscape is difficult, this study proposes an assessment based on the popularity of vulnerable technologies—VPc. This metric is composed of search volume data on keywords related to industrial network technologies and reported security vulnerabilities associated with these words. Data on 116 keywords was analysed and a country-specific VPc index was calculated for twenty states in CEE. The analysis of the popularity of industrial technologies and vendors in CEE reveals interesting information about the industrial security and vulnerability landscape. The results show that some countries (e.g. Estonia) have more resilient industrial infrastructure than others (e.g. Belarus). The results presented in this study are not in conflict with other data and estimation attempts, including the National Cyber Security Index (NCSI). As new vulnerabilities are noted every day, the industrial security landscape changes rapidly. Therefore, a new easy-to-use metric (VPc) can be successfully used for general estimations. This work shows that the VPc score agrees with other estimates and analyses, but as with any other general estimation tool, it must be used with caution.

Date of online publication

30.09.2024

Pages (from - to)

53 - 73

DOI

10.35467/sdq/190350

URL

https://securityanddefence.pl/Estimating-the-vulnerability-of-industrial-network-infrastructure-in-Central-and,190350,0,2.html

License type

CC BY (attribution alone)

Open Access Mode

open journal

Open Access Text Version

final published version

Release date

30.09.2024

Full text of article

Download file

Access level to full text

public

Additional documents

Download file

Ministry points / journal

70