Part of the Advanced Sciences and Technologies for Security Applications book series (ASTSA)


This chapter opens the book by introducing the characteristics and particularities of critical infrastructures. Their existence and interplay form a vital pillar of contemporary societies, and their protection is a top duty of governments and security research. Recent years have shown a paradigm shift in cyber-attacks, from specific individual threat and attack scenarios to a modern combination of various attack types and strategies, which today we call an advanced persistent threat (APT). This term describes a diverse class of attacks that all share a set of common characteristics, which presents new challenges to security that demand urgent and continuous action by practitioners, researchers and every stakeholder of a critical infrastructure. The main focus of the book is describing game theory as a tool to establish security against APTs. To this end, the introduction starts with the abstract characteristics of an APT and ends the chapter by showcasing them with a set of selected real-life documented cases of APTs.



Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. Universitaet Klagenfurt, Klagenfurt, Austria
  2. Austrian Institute of Technology GmbH, Wien, Austria
  3. Tandon School of Engineering, New York University, Brooklyn, USA
