Skip to main content
SpringerLink
Log in

Advances in Cybersecurity Design: An Integrated Framework to Quantify the Economic Impacts of Cyber-Terrorist Behavior

  • Chapter
  • First Online:
Security by Design

Abstract

An integrated framework to quantify the economic impacts of cyber-attacks on the U.S. airport security systems is put forth. A cyber-attack on the United States would involve complex strategic behavior by terrorists, who could invade an airport electronic system without any U.S. border or entry point. At the same time, defending entities must consider the complex processes that may cause any turmoil. The possibility of simultaneous threats from cyber-attacks makes it more difficult for defending entities to secure their airports, highlighting the need for improved and integrated inter-governmental collaboration. Collaborative networking requires close inter-governmental coordination to overcome such cyber-terrorism to protect critical infrastructure systems. Constructing a new model for strategic cyber-terror security requires a combination of competitive and cooperative game situations to develop specific strategies against cyber-terrorism. In addition, an airport shutdown would have ripple effects throughout domestic and international economies; these effects must be analyzed with a spatially disaggregate economic model. Combining competitive and cooperative game situations with an economic impact model, this study proposes the Game Theoretic National Interstate Economic Model (G-NIEMO) framework. G-NIEMO identifies which airport may be most vulnerable in the event that an airport electronic system is shut down. Using the probabilistic costs of airport closures, the model identifies the economic importance of cyber security by event location and industry type. From G-NIEMO, equilibrium strategies to protect U.S. airport systems can be developed and a general guideline for the evaluation of resource allocation can be provided to U.S. government agencies.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 99.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 129.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 129.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Center for Strategic and International Studies (2011) Significant cyber incidents since 2006. http://csis.org/files/publication/110606_Significant_Cyber_Incidents_Since_2006.pdf

  2. General Accountability Office (2011) Cybersecurity: continued attention needed to protect our nation’s critical infrastructure and federal information systems, US Government, 16 Mar 2011

    Google Scholar 

  3. Goldman J (2010) CIO Insight, federal investment in cyber security to reach $13.3 billion by 2015. Government-CIO Insight. 29 Dec 2010. http://www.cioinsight.com/c/a/Government/Federal-Investment-in-Cyber-Security-to-Reach-133-Billion-by-2015-305281/

  4. Thomas M, Dhillon G (2011) Interpreting deep structures of information systems security. Comput J Adv Access

    Google Scholar 

  5. Dhillon G, Backhouse J (2000) Technical opinion: information systems security management in the new millennium. Commun ACM 43(7)

    Google Scholar 

  6. Dhillon G, Torkzadeh G (2006) Value-focused assessment of information systems security in organizations. Inform Syst:293–314

    Google Scholar 

  7. Siponen MK (2005) An analysis of the traditional IS security approaches: implications for research and practice. Eur J Inf Syst 14, 3 (September 2005):303–315

    Google Scholar 

  8. Krauss L (1972) SAFE: security audit and field evaluation for computer facilities and information systems. Amacon, New York

    Google Scholar 

  9. Broder JF, Tucker E (2012) Risk analysis and the security survey. Elsevier, Waltham

    Google Scholar 

  10. Landwehr CE (1981) Formal models for computer security. ACM Computer Survey 13, 3w (Sept), pp 247–278

    Google Scholar 

  11. McLean J (1990) The specification and modeling of computer security. Computer 23, 1 (Jan), pp 9–16

    Google Scholar 

  12. Yang Y, Zhou Y (2011) Fuzzy logic based method for network information security risk assessment. In: International conference on internet technology and applications. IEEE, Wuhan

    Google Scholar 

  13. Reason JT (1990) Human error. Cambridge University Press

    Google Scholar 

  14. CBP (2008) About border security. Available at http://www.cbp.gov/xp/cgov/border_security/bs/. Accessed Sept 2008

  15. Tirman J (2006) Immigration and insecurity: post-9/11 fear in the United States, MIT Center for International Studies. Available at http://borderbattles.ssrc.org/Tirman/. Accessed Sept 2008

  16. Park J (2008) The economic impacts of dirty bomb attacks on the Los Angeles and Long Beach Ports: applying the supply-driven NIEMO (National Interstate Economic Model). J Homel Secur Emerg Manage 5(1)

    Google Scholar 

  17. Park J, Gordon P, Moore JE II, Richardson HW, Wang L (2007) Simulating the state-by-state effects of terrorist attacks on three major US ports: applying NIEMO (National Interstate Economic Model). In: Richardson HW, Gordon P, Moore JE II (eds) The economic costs and consequences of terrorism. Edward Elgar, Cheltenham, pp 208–234

    Google Scholar 

  18. Richardson HW, Gordon P, Moore JE II (eds) (2007) The economic costs and consequences of terrorism. Edward Elgar, Cheltenham

    Google Scholar 

  19. Gordon P, Moore JE, Park JY, Richardson HW (2007) The economic impacts of a terrorist attack on the US commercial aviation system. Risk Anal 27(3):505–512

    Article  Google Scholar 

  20. Oxford Economics (2009) Aviation: the real world wide web. Onward Publishing, Inc

    Google Scholar 

  21. Park J, Gordon P, Moore JE II, Richardson HW (2008) The state-by-state economic impacts of the 2002 shutdown of the Los Angeles-Long Beach Ports. Growth Change 39(4):548–572

    Article  Google Scholar 

  22. Park J, Gordon P, Moore II JE, Richardson HW (2017) A new approach to quantifying the impact of Hurricane-disrupted oil refinery operations utilizing secondary data. Group decision and negotiation. Online published. https://doi.org/10.1007/s10726-017-9537-7

  23. Park J, Cho J, Rose A (2011) Modeling a major source of economic resilience to disasters: recapturing lost production. Nat Hazards 58(1):163–182

    Article  Google Scholar 

  24. Park J, Gordon P, Moore JE II, Richardson HW (2009) A two-step approach to estimating state-to-state commodity trade flows. Ann Reg Sci 43(4):1033–1072

    Article  Google Scholar 

  25. Kakkar M (2011) CBI believes cyber attack led to IGI airport’s technical problems in June, Sept 25 2011. Available at http://www.zdnet.com/blog/india/cbi-believes-cyber-attack-led-to-igi-airports-technical-problems-in-june/710. Accessed December 2012

  26. Dolgow M (2012) Cyberwars reach a new frontier: the Airport. Guerras cibernéticas alcanza frontera nueva: El aeropuerto), Bloomberg Businessweek, 15. Available at http://www.businessweek.com/articles/2012-08-15/cyber-wars-reach-a-new-frontier-the-airport. Accessed Dec 2012

  27. AFP (2010) Airliners fly in face of cyber attack scares: What would happen if all those screens tracking all those flights suddenly went blank? 3 Nov 2010. Available at http://news.discovery.com/tech/cyber-attack-air-traffic.html. Accessed Dec 2012

  28. Tafoya WL (2011) Cyber terror, FBI law enforcement bulletin, November. Available at http://www.fbi.gov/stats-services/publications/law-enforcement-bulletin/november-2011/cyber-terror. Accessed Dec 2012

  29. Koscher K, Czeskis A, Roesner F, Patel S, Kohno T, Checkoway S, Savage S (2010, May) Experimental security analysis of a modern automobile. In 2010 IEEE symposium on security and privacy (SP), pp 447–462. IEEE

    Google Scholar 

  30. Ignelzi L (2012) Hackers manipulated railway computers, TSA memo says. http://www.nextgov.com/cybersecurity/2012/01/hackers-manipulated-railway-computers-tsa-memo-says/50498/. Accessed on 10 June 2012

  31. Benkler Y (2011) The unselfish gene. Harvard Bus Rev 89(7/8):77–85

    Google Scholar 

  32. McCain RA (2009) Game theory and public policy. Edward Elgar, Cheltenham

    Book  Google Scholar 

  33. Benkler Y (2011a) The penguin and the Leviathan: the triumph of cooperation over self-interest, 1st. Crown Business, New York, NY

    Google Scholar 

  34. Nowak M, Highfield R (2011) SuperCooperators: altruism, evolution, and why we need each other to succeed. Free Press

    Google Scholar 

  35. Sandler T, Arce M (2003) Pure public goods versus commons: benefit-cost duality. Land Econ 79(3):355–368

    Article  Google Scholar 

  36. Zhuang J, Bier VM (2007) Balancing terrorism and natural disasters-defensive strategy with endogenous attacker effort. Oper Res 55(5):976–991

    Article  Google Scholar 

  37. Frey BS, Luechinger S (2003) How to fight terrorism: alternatives to deterrence. Defence Peace Econ 14(4):237–249

    Article  Google Scholar 

  38. Perrow C (2006) Shrink the targets continued. Spectrum 43(9):46–49

    Article  Google Scholar 

  39. Keohane NO, Zeckhauser RJ (2003) The ecology of terror defense. J Risk Uncertainty 26:201–229

    Article  Google Scholar 

  40. Chenery HB (1953) Regional analysis. In: Chenery HB, Clark PG, Pinna VC (eds) The structure and growth of the Italian economy. US Mutual Security Agency, Rome, pp 98–139

    Google Scholar 

  41. Moses LN (1955) The stability of interregional trading patterns and input-output analysis. Am Econ Rev 45(5):803–826

    Google Scholar 

  42. Isard W (1951) Interregional and regional input-output analysis: a model of a space-economy. Rev Econ Stat 33:318–328

    Article  Google Scholar 

  43. Isard W (1960) Methods of regional analysis: an introduction to regional science. The MIT Press

    Google Scholar 

  44. Polenske (1980) The US multiregional input-output accounts and model. DC Health, Lexington, MA

    Google Scholar 

  45. Jack Faucett Associates, INC (1983) The multiregional input-output accounts, 1977: introduction and summary, vol. I (Final report), prepared for the US Department of Health and Human Services, Washington

    Google Scholar 

  46. Miller RE, Shao G (1990) Spatial and sectoral aggregation in the commodity-industry multiregional input-output model. Environ Plan A 22(12):1637–1656

    Article  Google Scholar 

  47. Park J, Gordon P (2005) An evaluation of input-output aggregation error using a new MRIO model. In: Paper presented at North American meetings of the regional science association international 52nd annual conference, Riviera Hotel & Casino, Las Vegas, NV, 10–12 Nov

    Google Scholar 

  48. Richardson HW, Gordon P, Moore JE II, Park J, Kim S, Pan Q (2007) Tourism and terrorism: the national and interregional economic impacts of attacks on major US theme parks. In: Richardson HW, Gordon P, Moore JE II (eds) The economic costs and consequences of terrorism. Edward Elgar, Cheltenham, pp 235–253

    Chapter  Google Scholar 

  49. Gordon P, Moore J, Park J, Richardson H (2009) The economic costs of border closure: a state-by-state analysis. In: Richardson HW, Gordon P, Moore JE II (eds) Global business and the terrorist threat. Edward Elgar, Cheltenham, pp 341–374

    Google Scholar 

  50. Skaperdas S (1996) Contest success functions. Econ Theor 7(2):283–290

    Article  Google Scholar 

  51. Hausken K (2004) Mutual raiding of production and the emergence of exchange. Econ Inq 42(4):572–586

    Article  Google Scholar 

  52. Poole RW Jr (2007) Airport security: time for a new model. In: Richardson HW, Gordon P, Moore JE II (eds) The economic costs and consequences of terrorism. Edward Elgar, Cheltenham, pp 67–97

    Google Scholar 

  53. McDaniels T, Chang S, Cole D, Mikawoz J, Longstaff H (2008) Fostering resilience to extreme events within infrastructure systems: characterizing decision contexts for mitigation and adaptation. Glob Environ Change 18(2):310–318

    Article  Google Scholar 

  54. Rose A (2004) Defining and measuring economic resilience to disasters. Disaster Prev Manage: Internat J 13(4):307–314

    Article  Google Scholar 

  55. Rose A (2007) Economic resilience to disasters: multidisciplinary origins and contextual dimensions. Environ Hazards: Hum Soc Dimensions (forthcoming)

    Google Scholar 

  56. Adger WN (2000) Social and ecological resilience: are they related? Prog Hum Geogr 24(3):347–364

    Article  Google Scholar 

  57. Park J, Gordon P, Jun E, Moore II JE, Richardson HW (2009b) Identifying the regional economic impacts of 9/11. Peace Econ Peace Sci Public Policy 15(2), Article 6

    Google Scholar 

  58. Rose AZ, Oladosu G, Lee B, Asay GB (2009) The economic impacts of the September 11 terrorist attacks: a computable general equilibrium analysis. Peace Econ Peace Sci Pub Policy 15(2), Article 4

    Google Scholar 

  59. Federal Emergency Management Agency (FEMA) (1997) HAZUS®99 earthquake loss estimation methodology: user’s manual

    Google Scholar 

  60. Rose A, Lim D (2002) Business interruption losses from natural hazards: conceptual and methodological issues in the case of the Northridge earthquake. Glob Environ Change B: Environ Hazards 4(1):1–14

    Google Scholar 

  61. Rose A, Oladosu G, Liao SY (2007) Business interruption impacts of a terrorist attack on the electric power system of Los Angeles: customer resilience to a total blackout. Risk Anal 27(3):513–531

    Article  Google Scholar 

  62. Park JY, Gordon P, Moore JE II, Richardson HW, Kim S, Kim Y (2008b) Estimating the state-by-state economic impacts of Hurricane Katrina. In: Richardson HW, Gordon P, Moore JE II (eds) Natural disaster analysis after Hurricane Katrina. Edward Elgar, Cheltenham, pp 147–186

    Google Scholar 

  63. Carnegie Mellon University (2006) CERT/CC vulnerability discovery project, CERT Coordination Center, Software Engineering Institute, Pittsburgh Pennsylvania

    Google Scholar 

Download references

Acknowledgements

The authors wish to thank our institutional sponsor for this project: the U.S. Department of Transportation through the University Transportation Research Center, Region II (under the UTRC contract number 49997-38-24, DRTC-G-UTC02). However, any opinions, findings, conclusions, or recommendations in this article are those of the authors and do not necessarily reflect the views of the institute. Also, we wish to acknowledge the helpful inputs received from Professors Peter Gordon (University of Southern California) and the authors are also grateful to Professors Shambhu Upadhyaya, Raghav H. Rao, Jun Zhuang, and Changhyun Kwon at the University at Buffalo for their valuable comments.

Author information

Authors and Affiliations

  1. Department of Urban and Regional Planning, University at Buffalo, Buffalo, USA

    JiYoung Park

  2. University of Hawaii-West Oahu, 91-1001 Farrington Highway, Kapolei, HI, 96707, USA

    Jason Levy

  3. Korea Institute of Civil Engineering and Building Technology, Goyang, Korea

    Minsu Son

  4. Korea Environment Institute (KEI), Seoul, Korea

    Changkeun Park

  5. University at Buffalo, The State University of New York, Buffalo, USA

    Ha Hwang

Authors
  1. JiYoung Park
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jason Levy
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Minsu Son
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Changkeun Park
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Ha Hwang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jason Levy .

Editor information

Editors and Affiliations

  1. Global Disaster Management, Humanitarian Assistance and Homeland Security, University of South Florida, Tampa, Florida, USA

    Anthony J. Masys

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Park, J., Levy, J., Son, M., Park, C., Hwang, H. (2018). Advances in Cybersecurity Design: An Integrated Framework to Quantify the Economic Impacts of Cyber-Terrorist Behavior. In: Masys, A. (eds) Security by Design. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-319-78021-4_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-78021-4_15

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-78020-7

  • Online ISBN: 978-3-319-78021-4

  • eBook Packages: Law and CriminologyLaw and Criminology (R0)

Publish with us

Policies and ethics

Search

Navigation