Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 
WelshClear Cookie - decide language by browser settings

Big fish, little fish, critical infrastructure: an analysis of Phineas Fisher and the ‘Hacktivist’ threat to critical infrastructure

Maynard, Peter and McLaughlin, Kieran 2020. Big fish, little fish, critical infrastructure: an analysis of Phineas Fisher and the ‘Hacktivist’ threat to critical infrastructure. Presented at: 2020 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), Dublin, 15-19 June 2020. 2020 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA): Proceedings. IEEE, 10.1109/cybersa49311.2020.9139715

Full text not available from this repository.

Abstract

The hacktivist threat actor is listed in many risk decision documents. Yet their tactics and techniques often remain a mystery. We create a MITRE ATT&CK TM (ATT&CK) model of a well known hacktivist who goes under the pseudonym of Phineas Fisher, and map that threat to critical infrastructure. The analysis is derived from hacker manifestos, journalist reporting, and official government documentation. This analysis fills a gap in current threat models, to better define what skills and methods a determined hacker might employ. This paper also identifies seven essential mitigations which can be deployed by critical infrastructure operations and asset owners, to prevent such intrusions by hacktivists. We are in the process of contributing this threat actor into the MITRE ATT&CK knowledge base.

Item Type: Conference or Workshop Item (UNSPECIFIED)
Date Type: Published Online
Status: Published
Schools: Computer Science & Informatics
Publisher: IEEE
Last Modified: 26 Sep 2023 13:00
URI: https://orca.cardiff.ac.uk/id/eprint/161737

Actions (repository staff only)

Edit Item Edit Item