Published in the International Journal of Cyber Warfare and Terrorism
The explosive growth in connected vehicle infrastructures and IoT-enabled traffic systems opens the potential for novel societal impacts stemming from cyber-attacks on transportation systems. Researchers and threat actors have demonstrated that they can gain control of safety-critical vehicle functions, compromise poorly authenticated third-party apps, as well as modify supervisory control and data acquisition (SCADA) systems. This raises the question of where policy makers should invest to reduce the most significant consequences of a cyberattack on road infrastructure. In this paper, the authors develop a network-based approach in conjunction with historical trip information to quantify the network impacts of cyberattacks on road networks in Washington DC. They find that a highly targeted attack on only 10 SCADA-controlled signaling devices at specific locations disrupts a third of the most efficient paths in Washington DC. The results open the possibility of layered deterrence strategies that minimize the disruptive consequences of cyberattacks, thereby reducing benefits to attackers.