Assessing Cascading Effects of Cyber-Attacks in Interconnected Critical Infrastructures

Critical Infrastructures (CIs) represent the backbone of modern societies. It is essential to ensure a smooth and reliable functioning of vital services, and processes that societies rely on. CIs are either based on or are soon to be embedding (modern) digital technologies. The level of interconnectedness and interdependencies of such systems continue to increase. These developments make them directly exposed to different types of cyber-attacks like ransomware and Distributed Denial of Service (DDoS). Cyber-attacks on such infrastructures would not only impact the overall functioning of such infrastructures, well-being of people and a nation's economy, but also cause cascading effects. There is a lack of framework to assess cascading effects that propagate in both independent and interdependent CIs regarding the operational level of components. To tackle this gap, this research aims to answer the following research question: "How can we assess the cascading effects in terms of operational level corresponding to different components in both independent and interdependent Critical Infrastructures taking into account component dependencies, vulnerabilities, and existing measures?", by means of building a Bayesian Network-based framework following a Design Science Research methodological approach.