Abstract
An integrated framework to quantify the economic impacts of cyber-attacks on the U.S. airport security systems is put forth. A cyber-attack on the United States would involve complex strategic behavior by terrorists, who could invade an airport electronic system without any U.S. border or entry point. At the same time, defending entities must consider the complex processes that may cause any turmoil. The possibility of simultaneous threats from cyber-attacks makes it more difficult for defending entities to secure their airports, highlighting the need for improved and integrated inter-governmental collaboration. Collaborative networking requires close inter-governmental coordination to overcome such cyber-terrorism to protect critical infrastructure systems. Constructing a new model for strategic cyber-terror security requires a combination of competitive and cooperative game situations to develop specific strategies against cyber-terrorism. In addition, an airport shutdown would have ripple effects throughout domestic and international economies; these effects must be analyzed with a spatially disaggregate economic model. Combining competitive and cooperative game situations with an economic impact model, this study proposes the Game Theoretic National Interstate Economic Model (G-NIEMO) framework. G-NIEMO identifies which airport may be most vulnerable in the event that an airport electronic system is shut down. Using the probabilistic costs of airport closures, the model identifies the economic importance of cyber security by event location and industry type. From G-NIEMO, equilibrium strategies to protect U.S. airport systems can be developed and a general guideline for the evaluation of resource allocation can be provided to U.S. government agencies.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Center for Strategic and International Studies (2011) Significant cyber incidents since 2006. http://csis.org/files/publication/110606_Significant_Cyber_Incidents_Since_2006.pdf
General Accountability Office (2011) Cybersecurity: continued attention needed to protect our nation’s critical infrastructure and federal information systems, US Government, 16 Mar 2011
Goldman J (2010) CIO Insight, federal investment in cyber security to reach $13.3 billion by 2015. Government-CIO Insight. 29 Dec 2010. http://www.cioinsight.com/c/a/Government/Federal-Investment-in-Cyber-Security-to-Reach-133-Billion-by-2015-305281/
Thomas M, Dhillon G (2011) Interpreting deep structures of information systems security. Comput J Adv Access
Dhillon G, Backhouse J (2000) Technical opinion: information systems security management in the new millennium. Commun ACM 43(7)
Dhillon G, Torkzadeh G (2006) Value-focused assessment of information systems security in organizations. Inform Syst:293–314
Siponen MK (2005) An analysis of the traditional IS security approaches: implications for research and practice. Eur J Inf Syst 14, 3 (September 2005):303–315
Krauss L (1972) SAFE: security audit and field evaluation for computer facilities and information systems. Amacon, New York
Broder JF, Tucker E (2012) Risk analysis and the security survey. Elsevier, Waltham
Landwehr CE (1981) Formal models for computer security. ACM Computer Survey 13, 3w (Sept), pp 247–278
McLean J (1990) The specification and modeling of computer security. Computer 23, 1 (Jan), pp 9–16
Yang Y, Zhou Y (2011) Fuzzy logic based method for network information security risk assessment. In: International conference on internet technology and applications. IEEE, Wuhan
Reason JT (1990) Human error. Cambridge University Press
CBP (2008) About border security. Available at http://www.cbp.gov/xp/cgov/border_security/bs/. Accessed Sept 2008
Tirman J (2006) Immigration and insecurity: post-9/11 fear in the United States, MIT Center for International Studies. Available at http://borderbattles.ssrc.org/Tirman/. Accessed Sept 2008
Park J (2008) The economic impacts of dirty bomb attacks on the Los Angeles and Long Beach Ports: applying the supply-driven NIEMO (National Interstate Economic Model). J Homel Secur Emerg Manage 5(1)
Park J, Gordon P, Moore JE II, Richardson HW, Wang L (2007) Simulating the state-by-state effects of terrorist attacks on three major US ports: applying NIEMO (National Interstate Economic Model). In: Richardson HW, Gordon P, Moore JE II (eds) The economic costs and consequences of terrorism. Edward Elgar, Cheltenham, pp 208–234
Richardson HW, Gordon P, Moore JE II (eds) (2007) The economic costs and consequences of terrorism. Edward Elgar, Cheltenham
Gordon P, Moore JE, Park JY, Richardson HW (2007) The economic impacts of a terrorist attack on the US commercial aviation system. Risk Anal 27(3):505–512
Oxford Economics (2009) Aviation: the real world wide web. Onward Publishing, Inc
Park J, Gordon P, Moore JE II, Richardson HW (2008) The state-by-state economic impacts of the 2002 shutdown of the Los Angeles-Long Beach Ports. Growth Change 39(4):548–572
Park J, Gordon P, Moore II JE, Richardson HW (2017) A new approach to quantifying the impact of Hurricane-disrupted oil refinery operations utilizing secondary data. Group decision and negotiation. Online published. https://doi.org/10.1007/s10726-017-9537-7
Park J, Cho J, Rose A (2011) Modeling a major source of economic resilience to disasters: recapturing lost production. Nat Hazards 58(1):163–182
Park J, Gordon P, Moore JE II, Richardson HW (2009) A two-step approach to estimating state-to-state commodity trade flows. Ann Reg Sci 43(4):1033–1072
Kakkar M (2011) CBI believes cyber attack led to IGI airport’s technical problems in June, Sept 25 2011. Available at http://www.zdnet.com/blog/india/cbi-believes-cyber-attack-led-to-igi-airports-technical-problems-in-june/710. Accessed December 2012
Dolgow M (2012) Cyberwars reach a new frontier: the Airport. Guerras cibernéticas alcanza frontera nueva: El aeropuerto), Bloomberg Businessweek, 15. Available at http://www.businessweek.com/articles/2012-08-15/cyber-wars-reach-a-new-frontier-the-airport. Accessed Dec 2012
AFP (2010) Airliners fly in face of cyber attack scares: What would happen if all those screens tracking all those flights suddenly went blank? 3 Nov 2010. Available at http://news.discovery.com/tech/cyber-attack-air-traffic.html. Accessed Dec 2012
Tafoya WL (2011) Cyber terror, FBI law enforcement bulletin, November. Available at http://www.fbi.gov/stats-services/publications/law-enforcement-bulletin/november-2011/cyber-terror. Accessed Dec 2012
Koscher K, Czeskis A, Roesner F, Patel S, Kohno T, Checkoway S, Savage S (2010, May) Experimental security analysis of a modern automobile. In 2010 IEEE symposium on security and privacy (SP), pp 447–462. IEEE
Ignelzi L (2012) Hackers manipulated railway computers, TSA memo says. http://www.nextgov.com/cybersecurity/2012/01/hackers-manipulated-railway-computers-tsa-memo-says/50498/. Accessed on 10 June 2012
Benkler Y (2011) The unselfish gene. Harvard Bus Rev 89(7/8):77–85
McCain RA (2009) Game theory and public policy. Edward Elgar, Cheltenham
Benkler Y (2011a) The penguin and the Leviathan: the triumph of cooperation over self-interest, 1st. Crown Business, New York, NY
Nowak M, Highfield R (2011) SuperCooperators: altruism, evolution, and why we need each other to succeed. Free Press
Sandler T, Arce M (2003) Pure public goods versus commons: benefit-cost duality. Land Econ 79(3):355–368
Zhuang J, Bier VM (2007) Balancing terrorism and natural disasters-defensive strategy with endogenous attacker effort. Oper Res 55(5):976–991
Frey BS, Luechinger S (2003) How to fight terrorism: alternatives to deterrence. Defence Peace Econ 14(4):237–249
Perrow C (2006) Shrink the targets continued. Spectrum 43(9):46–49
Keohane NO, Zeckhauser RJ (2003) The ecology of terror defense. J Risk Uncertainty 26:201–229
Chenery HB (1953) Regional analysis. In: Chenery HB, Clark PG, Pinna VC (eds) The structure and growth of the Italian economy. US Mutual Security Agency, Rome, pp 98–139
Moses LN (1955) The stability of interregional trading patterns and input-output analysis. Am Econ Rev 45(5):803–826
Isard W (1951) Interregional and regional input-output analysis: a model of a space-economy. Rev Econ Stat 33:318–328
Isard W (1960) Methods of regional analysis: an introduction to regional science. The MIT Press
Polenske (1980) The US multiregional input-output accounts and model. DC Health, Lexington, MA
Jack Faucett Associates, INC (1983) The multiregional input-output accounts, 1977: introduction and summary, vol. I (Final report), prepared for the US Department of Health and Human Services, Washington
Miller RE, Shao G (1990) Spatial and sectoral aggregation in the commodity-industry multiregional input-output model. Environ Plan A 22(12):1637–1656
Park J, Gordon P (2005) An evaluation of input-output aggregation error using a new MRIO model. In: Paper presented at North American meetings of the regional science association international 52nd annual conference, Riviera Hotel & Casino, Las Vegas, NV, 10–12 Nov
Richardson HW, Gordon P, Moore JE II, Park J, Kim S, Pan Q (2007) Tourism and terrorism: the national and interregional economic impacts of attacks on major US theme parks. In: Richardson HW, Gordon P, Moore JE II (eds) The economic costs and consequences of terrorism. Edward Elgar, Cheltenham, pp 235–253
Gordon P, Moore J, Park J, Richardson H (2009) The economic costs of border closure: a state-by-state analysis. In: Richardson HW, Gordon P, Moore JE II (eds) Global business and the terrorist threat. Edward Elgar, Cheltenham, pp 341–374
Skaperdas S (1996) Contest success functions. Econ Theor 7(2):283–290
Hausken K (2004) Mutual raiding of production and the emergence of exchange. Econ Inq 42(4):572–586
Poole RW Jr (2007) Airport security: time for a new model. In: Richardson HW, Gordon P, Moore JE II (eds) The economic costs and consequences of terrorism. Edward Elgar, Cheltenham, pp 67–97
McDaniels T, Chang S, Cole D, Mikawoz J, Longstaff H (2008) Fostering resilience to extreme events within infrastructure systems: characterizing decision contexts for mitigation and adaptation. Glob Environ Change 18(2):310–318
Rose A (2004) Defining and measuring economic resilience to disasters. Disaster Prev Manage: Internat J 13(4):307–314
Rose A (2007) Economic resilience to disasters: multidisciplinary origins and contextual dimensions. Environ Hazards: Hum Soc Dimensions (forthcoming)
Adger WN (2000) Social and ecological resilience: are they related? Prog Hum Geogr 24(3):347–364
Park J, Gordon P, Jun E, Moore II JE, Richardson HW (2009b) Identifying the regional economic impacts of 9/11. Peace Econ Peace Sci Public Policy 15(2), Article 6
Rose AZ, Oladosu G, Lee B, Asay GB (2009) The economic impacts of the September 11 terrorist attacks: a computable general equilibrium analysis. Peace Econ Peace Sci Pub Policy 15(2), Article 4
Federal Emergency Management Agency (FEMA) (1997) HAZUS®99 earthquake loss estimation methodology: user’s manual
Rose A, Lim D (2002) Business interruption losses from natural hazards: conceptual and methodological issues in the case of the Northridge earthquake. Glob Environ Change B: Environ Hazards 4(1):1–14
Rose A, Oladosu G, Liao SY (2007) Business interruption impacts of a terrorist attack on the electric power system of Los Angeles: customer resilience to a total blackout. Risk Anal 27(3):513–531
Park JY, Gordon P, Moore JE II, Richardson HW, Kim S, Kim Y (2008b) Estimating the state-by-state economic impacts of Hurricane Katrina. In: Richardson HW, Gordon P, Moore JE II (eds) Natural disaster analysis after Hurricane Katrina. Edward Elgar, Cheltenham, pp 147–186
Carnegie Mellon University (2006) CERT/CC vulnerability discovery project, CERT Coordination Center, Software Engineering Institute, Pittsburgh Pennsylvania
Acknowledgements
The authors wish to thank our institutional sponsor for this project: the U.S. Department of Transportation through the University Transportation Research Center, Region II (under the UTRC contract number 49997-38-24, DRTC-G-UTC02). However, any opinions, findings, conclusions, or recommendations in this article are those of the authors and do not necessarily reflect the views of the institute. Also, we wish to acknowledge the helpful inputs received from Professors Peter Gordon (University of Southern California) and the authors are also grateful to Professors Shambhu Upadhyaya, Raghav H. Rao, Jun Zhuang, and Changhyun Kwon at the University at Buffalo for their valuable comments.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this chapter
Cite this chapter
Park, J., Levy, J., Son, M., Park, C., Hwang, H. (2018). Advances in Cybersecurity Design: An Integrated Framework to Quantify the Economic Impacts of Cyber-Terrorist Behavior. In: Masys, A. (eds) Security by Design. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-319-78021-4_15
Download citation
DOI: https://doi.org/10.1007/978-3-319-78021-4_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-78020-7
Online ISBN: 978-3-319-78021-4
eBook Packages: Law and CriminologyLaw and Criminology (R0)