Department of Computer Science and Technology

Technical reports

Are cyber-blackouts in service networks likely?: implications for cyber risk management

Ranjan Pal, Konstantinos Psounis, Abhishek Kumar, Jon Crowcroft, Pan Hui, Leana Golubchik, John Kelly, Aritra Chatterjee, Sasu Tarkoma

October 2018, 32 pages

Abstract

Service liability interconnections among networked IT and IoT driven service organizations create potential channels for cascading service disruptions due to modern cybercrimes such as DDoS, APT, and ransomware attacks. The very recent Mirai DDoS and WannaCry ransomware attacks serve as famous examples of cyber-incidents that have caused catastrophic service disruptions worth billions of dollars across organizations around the globe. A natural question that arises in this context is “what is the likelihood of a cyber-blackout?”, where the latter term is defined as: “the probability that all (or a major subset of) organizations in a service chain become dysfunctional in a certain manner due to a cyber-attack at some or all points in the chain”.

The answer to this question has major implications to risk management businesses such as cyber-insurance when it comes to designing policies by risk-averse insurers for providing coverage to clients in the aftermath of such catastrophic network events. In this paper, we investigate this question in general as a function of service chain networks and different loss distribution types. We show somewhat surprisingly (and discuss potential practical implications) that following a cyber-attack, the probability of a cyber-blackout and the increase in total service-related monetary losses across all organizations, due to the effect of (a) network interconnections, and (b) a wide range of loss distributions, are mostly very small, regardless of the network structure – the primary rationale behind the results being attributed to degrees of heterogeneity in wealth base among organizations, and Increasing Failure Rate (IFR) property of loss distributions.

Full text

PDF (1.9 MB)

BibTeX record

@TechReport{UCAM-CL-TR-926,
  author =	 {Pal, Ranjan and Psounis, Konstantinos and Kumar, Abhishek
          	  and Crowcroft, Jon and Hui, Pan and Golubchik, Leana and
          	  Kelly, John and Chatterjee, Aritra and Tarkoma, Sasu},
  title = 	 {{Are cyber-blackouts in service networks likely?:
         	   implications for cyber risk management}},
  year = 	 2018,
  month = 	 oct,
  url = 	 {https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-926.pdf},
  institution =  {University of Cambridge, Computer Laboratory},
  number = 	 {UCAM-CL-TR-926}
}