Tekniske og kriminologiske perspektiver på cyberangreb mod industrielle kontrolsystemer

Møller, Jesper

4. semester

Kriminologi, Kandidat

2025

2025-06-03

66 pages

Cyberattacks targeting Industrial Control Systems pose significant risks to critical infrastructure, yet they remain underexplored within criminological research, which traditionally focuses on individual motivations and online crime. This study investigates how such cyberattacks differ in terms of technical depth and interprets them through criminological perspectives. Using cluster analysis based on data from the Mitre Attack framework, the project analyzes 460 documented cyberattacks. The results identify six distinct clusters, some of which share common techniques and targets, while each also displays unique characteristics. Cluster 1 are defined by the use of remote access and lateral movement between IT and industrial environments. Cluster 2 is dominated by Denial of Service attacks aimed at disrupting data flows and operational processes. Cluster 3 rely heavily on valid credentials to maintain persistent control. Cluster 4 targets low-level system components like Data Gateways. Cluster 5 focuses on human-machine interfaces (HMIs), combining physical and logical exploitation, while cluster 6 is characterized by deep technical manipulation and a wide range of targets. The study highlights the importance of integrating technical insight with criminological interpretation to better understand and respond to specific cyber threats against Industrial Control Systems.

Cybersikkerhed ; Cyberangreb

Download
Vis denne rapport i AAU Studenterprojekter