Related papers: Securing U.S. Critical Infrastructure: Lessons from Stuxnet and the Ukraine Power Grid Attacks

Securing U.S. Critical Infrastructure: Lessons from Stuxnet and the Ukraine Power Grid Attacks

URL: http://arxiv.org/abs/2510.14185v1
Date: Thu, 16 Oct 2025 00:30:17 GMT
Title: Securing U.S. Critical Infrastructure: Lessons from Stuxnet and the Ukraine Power Grid Attacks
Authors: Jack Vanlyssel,
Abstract summary: Industrial Control Systems underpin the United States' critical infrastructure.<n>Increasing digital integration has exposed these systems to escalating cyber threats.<n> Historical attacks like Stuxnet and the Ukraine power grid incident revealed exploitable weaknesses.
Score: 0.0
License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
Abstract: Industrial Control Systems (ICS) underpin the United States' critical infrastructure, managing essential services such as power, water, and transportation that are vital to national security and public safety. However, increasing digital integration has exposed these systems to escalating cyber threats. Historical attacks like Stuxnet and the Ukraine power grid incident revealed exploitable weaknesses-poor network segmentation, outdated software, weak authentication, and inadequate monitoring-that persist in many U.S. ICS environments today. This paper analyzes these landmark attacks to identify recurring vulnerabilities and assess their relevance to current U.S. infrastructure. It argues that without immediate reforms, similar exploits could lead to catastrophic disruptions and national security crises. To address these risks, the paper proposes policy measures focused on implementing zero-trust architecture and improved network segmentation to enhance system resilience. These recommendations aim to guide policymakers and industry leaders in securing the nation's most critical operational technologies against future cyber threats.

Related papers

ORCA -- An Automated Threat Analysis Pipeline for O-RAN Continuous Development [57.61878484176942]
Open-Radio Access Network (O-RAN) integrates numerous software components in a cloud-like deployment, opening the radio access network to previously unconsidered security threats.<n>Current vulnerability assessment practices often rely on manual, labor-intensive, and subjective investigations, leading to inconsistencies in the threat analysis.<n>We propose an automated pipeline that leverages Natural Language Processing (NLP) to minimize human intervention and associated biases.
arXiv Detail & Related papers (2026-01-20T07:31:59Z)
Power Grid Cybersecurity: Policy Analysis White Paper [0.0]
U.S. power grid faces growing cyber risks from vulnerabilities in industrial control systems, remote access, and poor cyber hygiene.<n>This paper proposes a dual policy approach to strengthen grid cybersecurity.
arXiv Detail & Related papers (2025-10-16T00:08:00Z)
Embodied AI: Emerging Risks and Opportunities for Policy Action [46.48780452120922]
Embodied AI (EAI) systems can exist in, learn from, reason about, and act in the physical world.<n>EAI systems pose significant risks, including physical harm from malicious use, mass surveillance, as well as economic and societal disruption.
arXiv Detail & Related papers (2025-08-28T17:59:07Z)
Autonomous AI-based Cybersecurity Framework for Critical Infrastructure: Real-Time Threat Mitigation [1.4999444543328293]
We propose a hybrid AI-driven cybersecurity framework to enhance real-time vulnerability detection, threat modelling, and automated remediation.<n>Our findings provide actionable insights to strengthen the security and resilience of critical infrastructure systems against emerging cyber threats.
arXiv Detail & Related papers (2025-07-10T04:17:29Z)
Enabling Security on the Edge: A CHERI Compartmentalized Network Stack [42.78181795494584]
CHERI provides strong security from the hardware level by enabling fine-grained compartmentalization and memory protection.<n>Our case study examines the trade-offs of isolating applications, TCP/IP libraries, and network drivers on a CheriBSD system deployed on the Arm Morello platform.
arXiv Detail & Related papers (2025-07-07T09:37:59Z)
Signals and Symptoms: ICS Attack Dataset From Railway Cyber Range [8.612455964786049]
We conduct two ICS cyberattack simulations to showcase the impact of trending ICS cyberattacks on a railway cyber range that resembles the railway infrastructure.<n>The resulting evidence is collected as datasets, serving as an essential resource for cyberattack analysis.
arXiv Detail & Related papers (2025-07-02T14:47:31Z)
CyFence: Securing Cyber-Physical Controllers via Trusted Execution Environment [45.86654759872101]
Cyber-physical systems (CPSs) have experienced a significant technological evolution and increased connectivity, at the cost of greater exposure to cyber-attacks.<n>We propose CyFence, a novel architecture that improves the resilience of closed-loop control systems against cyber-attacks by adding a semantic check.<n>We evaluate CyFence considering a real-world application, consisting of an active braking digital controller, demonstrating that it can mitigate different types of attacks with a negligible overhead.
arXiv Detail & Related papers (2025-06-12T12:22:45Z)
AI threats to national security can be countered through an incident regime [55.2480439325792]
We propose a legally mandated post-deployment AI incident regime that aims to counter potential national security threats from AI systems.<n>Our proposed AI incident regime is split into three phases. The first phase revolves around a novel operationalization of what counts as an 'AI incident'<n>The second and third phases spell out that AI providers should notify a government agency about incidents, and that the government agency should be involved in amending AI providers' security and safety procedures.
arXiv Detail & Related papers (2025-03-25T17:51:50Z)
Modern DDoS Threats and Countermeasures: Insights into Emerging Attacks and Detection Strategies [49.57278643040602]
Distributed Denial of Service (DDoS) attacks persist as significant threats to online services and infrastructure.<n>This paper offers a comprehensive survey of emerging DDoS attacks and detection strategies over the past decade.
arXiv Detail & Related papers (2025-02-27T11:22:25Z)
ACRIC: Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
Recent security incidents in safety-critical industries exposed how the lack of proper message authentication enables attackers to inject malicious commands or alter system behavior.<n>These shortcomings have prompted new regulations that emphasize the pressing need to strengthen cybersecurity.<n>We introduce ACRIC, a message authentication solution to secure legacy industrial communications.
arXiv Detail & Related papers (2024-11-21T18:26:05Z)
Critical Infrastructure Protection: Generative AI, Challenges, and Opportunities [3.447031974719732]
Critical National Infrastructure (CNI) encompasses a nation's essential assets that are fundamental to the operation of society and the economy. Growing cybersecurity threats targeting these infrastructures can potentially interfere with operations and seriously risk national security and public safety. We examine the intricate issues raised by cybersecurity risks to vital infrastructure, highlighting these systems' vulnerability to different types of cyberattacks.
arXiv Detail & Related papers (2024-05-08T08:08:50Z)
The Opportunity to Regulate Cybersecurity in the EU (and the World): Recommendations for the Cybersecurity Resilience Act [1.2691047660244335]
Safety is becoming cybersecurity under most circumstances. This should be reflected in the Cybersecurity Resilience Act when it is proposed and agreed upon in the European Union. It is based on what the cybersecurity research community for long have asked for, and on what constitutes clear hard legal rules instead of soft.
arXiv Detail & Related papers (2022-05-26T07:20:44Z)

This list is automatically generated from the titles and abstracts of the papers in this site.