Potential cyber-threats against Canada’s critical infrastructure: an investigation of online discussion forums

IF 1.9 Q3 OPERATIONS RESEARCH & MANAGEMENT SCIENCE

CRIMINAL JUSTICE STUDIES Pub Date : 2022-06-03 DOI:10.1080/1478601X.2022.2081568

Noelle Warkentin, Richard Frank, Yuxuan Zhang, Naomi Zakimi

{"title":"Potential cyber-threats against Canada’s critical infrastructure: an investigation of online discussion forums","authors":"Noelle Warkentin, Richard Frank, Yuxuan Zhang, Naomi Zakimi","doi":"10.1080/1478601X.2022.2081568","DOIUrl":null,"url":null,"abstract":"ABSTRACT Critical infrastructures (CI) are connecting their systems to the internet at an increasing rate, providing the opportunity for malicious actors to attack these systems using cyber-weapons. Compromised systems then pose issues for the affected company, and may disrupt the broader population. The purpose of the current study was to analyze IP addresses collected from discussion forums, with a specific interest in which Canadian CIs could potentially be at risk of a cyber-attack. Overall, 897,524 IP addresses were extracted from 47,134,503 posts across 20 discussion forums, 39,164 of which were associated with Canadian CI. Of all Canadian CI sectors, the majority of IP addresses were found to belong to the information and technology sector. A thematic analysis of posts containing IP addresses was conducted, revealing that the majority of posters were sharing large lists of IP addresses with no context given. Lastly, a keyword search was employed on the forums in an attempt to understand discussions surrounding CI. A thematic analysis was employed on a random sample of posts containing keywords, revealing two major themes: Potential threat and threat information. Findings from this study reveal that information useful for conducting cyber-attacks against CI is being shared within these online forums.","PeriodicalId":45877,"journal":{"name":"CRIMINAL JUSTICE STUDIES","volume":"35 1","pages":"322 - 345"},"PeriodicalIF":1.9000,"publicationDate":"2022-06-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"CRIMINAL JUSTICE STUDIES","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/1478601X.2022.2081568","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"OPERATIONS RESEARCH & MANAGEMENT SCIENCE","Score":null,"Total":0}

引用次数: 0

Abstract

ABSTRACT Critical infrastructures (CI) are connecting their systems to the internet at an increasing rate, providing the opportunity for malicious actors to attack these systems using cyber-weapons. Compromised systems then pose issues for the affected company, and may disrupt the broader population. The purpose of the current study was to analyze IP addresses collected from discussion forums, with a specific interest in which Canadian CIs could potentially be at risk of a cyber-attack. Overall, 897,524 IP addresses were extracted from 47,134,503 posts across 20 discussion forums, 39,164 of which were associated with Canadian CI. Of all Canadian CI sectors, the majority of IP addresses were found to belong to the information and technology sector. A thematic analysis of posts containing IP addresses was conducted, revealing that the majority of posters were sharing large lists of IP addresses with no context given. Lastly, a keyword search was employed on the forums in an attempt to understand discussions surrounding CI. A thematic analysis was employed on a random sample of posts containing keywords, revealing two major themes: Potential threat and threat information. Findings from this study reveal that information useful for conducting cyber-attacks against CI is being shared within these online forums.

查看原文本刊更多论文

针对加拿大关键基础设施的潜在网络威胁:对在线论坛的调查

关键基础设施(CI)正在以越来越快的速度将其系统连接到互联网，这为恶意行为者使用网络武器攻击这些系统提供了机会。然后，受损的系统会给受影响的公司带来问题，并可能扰乱更广泛的人群。当前研究的目的是分析从论坛收集的IP地址，特别关注加拿大CIs可能面临网络攻击的风险。总的来说，从20个论坛的47,134,503个帖子中提取了897,524个IP地址，其中39,164个与加拿大CI相关。在加拿大所有信息通信行业中，大多数IP地址属于信息和技术行业。我们对包含IP地址的帖子进行了专题分析，结果显示大部分发帖者都分享了大量IP地址，并没有给出背景。最后，在论坛上使用关键字搜索，试图了解围绕CI的讨论。对随机抽取的包含关键词的帖子样本进行主题分析，揭示了两个主要主题:潜在威胁和威胁信息。这项研究的结果表明，这些在线论坛正在分享对CI进行网络攻击有用的信息。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

CRIMINAL JUSTICE STUDIES OPERATIONS RESEARCH & MANAGEMENT SCIENCE-

CiteScore

2.80

自引率

5.60%

发文量

期刊介绍： Criminal Justice Studies, a quarterly refereed journal, publishes articles that deal with substantive criminal justice and criminological issues. The journal welcomes all articles that are relevant to the issue of criminal justice, as well as those that may be outside the field but have relevancy to the topic of criminal justice. Articles that cover public administration, issues of public policy, as well as public affairs issues are welcome. The journal also publishes relevant literature reviews, research notes and summary reports of innovative research projects in criminal justice. Qualitative and quantifiable articles are sought mainly from academics and researchers in the field, though articles from professionals will also be considered.