ISSN :XXXX-XXXX

Cyber vs. Physical Attacks: an Analysis of Technical Discriminant Criteria, and their Consideration from a Legal Perspective

Original Research (Published On: 03-Jun-2024 )
Cyber vs. Physical Attacks: an Analysis of Technical Discriminant Criteria, and their Consideration from a Legal Perspective
DOI : https://dx.doi.org/10.54364/cybersecurityjournal.2024.1101

Tamara Hadjina, Stéphane Paul, Bengi Zeybek and Emmanuel Gureghian

Adv. Artif. Intell. Mach. Learn., 1 (1):1-37

Tamara Hadjina : Koncar - Digital

Stéphane Paul : Thales Research & Technology

Bengi Zeybek : Institute for Information Law, University of Amsterdam

Emmanuel Gureghian : Thales Research & Technology

Download PDF Here

DOI: https://dx.doi.org/10.54364/cybersecurityjournal.2024.1101

Article History: Received on: 19-Feb-24, Accepted on: 20-Apr-24, Published on: 03-Jun-24

Corresponding Author: Tamara Hadjina

Email: tamara.hadjina@koncar.hr

Citation: Stéphane Paul, Tamara Hadjina, Bengi Zeybek, Emmanuel Gureghian. (2024). Cyber vs. Physical Attacks: an Analysis of Technical Discriminant Criteria, and their Consideration from a Legal Perspective. Adv. Artif. Intell. Mach. Learn., 1 (1 ):1-37


Abstract

    

Security threats on critical infrastructures are evolving and increasingly consist of a combination of physical and cyber-attacks. In practice, a common approach to characterise physical and cyber-attacks is lacking, which may cause security gaps. This article proposes a set of technical criteria to characterise attacks. It evaluates these criteria based on attack scenarios to assess their efficacy. This study is situated against the background of the EU policy and regulation to highlight the regulatory relevance of the distinction between physical and cyber threats for critical infrastructure protection. The article concludes that, based on the currently applicable criteria, it is not technically possible to distinguish systematically cyber from physical attacks. This calls for a security management approach that acknowledges the convergence of physical and cyber threats. From a legal perspective, authors conclude there is no harmonised guidance as to how physical and cyber threats may be addressed in protecting critical infrastructure. The multidisciplinary approach of this article aims to inform decision making in terms of security governance and management.

Statistics

   Article View: 779
   PDF Downloaded: 4