Cyber Defence Library

Technical Analysis of Advanced Threat Tactics Targeting Critical Information Infrastructure

Technical Analysis of Advanced Threat Tactics Targeting Critical Information Infrastructure

Critical information infrastructure (CII) provides vital functions for a nation’s existence and the wellbeing of its citizens. This makes CII susceptible to an increasing number of targeted, strategically executed cyber attacks. Such sophisticated attacks lead to information system compromise, control takeover, component destruction, and sensitive information extraction. The grave consequences implied by actors behind the corresponding attacks have to be acknowledged and potential risks appraised, in order to raise the awareness and readiness level to defend against an advanced adversary.
To distinguish what technical means and tactics are employed by advanced threat actors when targeting the CII, this paper reviews targeted attack trends, assesses actor motivation and situational background, assembles data on known major incidents, and defines their analysis criteria to perform selected case studies.
From threat landscape assessment and incident case studies it can be identified that cyber means can be considered as a feasible approach for gaining advantage for competitive motivations, conflict situations, and maintaining presence in cyber space. This leads to the existence of increasingly resourceful and motivated threat actors, weaponisation of cyber means, virtualisation of forces, and the dawn of cyber espionage.

Published in Cyber Security Review, Winter 2014