This paper models the 2017 WannaCry ransomware attack on the UK’s National Health Service (NHS) using a self-modeling adaptive network approach. Grounded in the Cyber Kill Chain and MEHARI risk framework, the model simulates the technical and organizational dynamics of the attack, including ransomware spread, system failures, and risk escalation. A probabilistic What-If analysis shows how encryption speed, learning rates, and escalation thresholds influence patient risk over time. Results highlight the need for faster containment, lower thresholds for response, and system-wide preparedness to prevent cascading failures.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Dynamic Cyber Risk Assessment in Critical Infrastructure: An Adaptive Self-modeling Network Analysis of WannaCry’s Impact on the NHS

  • Ana Feraru,
  • Eleni Foukkari,
  • Kirsten Hoijer,
  • Greta Odor,
  • Beyonce Ponce,
  • Okko Van der Borg,
  • Wissal Mestour,
  • Jan Treur,
  • Peter H. M. P. Roelofsma

摘要

This paper models the 2017 WannaCry ransomware attack on the UK’s National Health Service (NHS) using a self-modeling adaptive network approach. Grounded in the Cyber Kill Chain and MEHARI risk framework, the model simulates the technical and organizational dynamics of the attack, including ransomware spread, system failures, and risk escalation. A probabilistic What-If analysis shows how encryption speed, learning rates, and escalation thresholds influence patient risk over time. Results highlight the need for faster containment, lower thresholds for response, and system-wide preparedness to prevent cascading failures.