Colonial Pipeline Ransomware Attack: Computational Analysis Based on an Adaptive Network Model
摘要
This paper papers research that aims to investigate the Colonial Pipeline ransomware attack by utilizing the Cyber Kill Chain framework and MATLAB modeling and applying it to the multistage cyberattack simulation. The primary objective of this research is to explore how different protocols of cybersecurity controls (e.g. multi-factor authentication (MFA) and incident response teams) influence the progressive and impactful ability of ransomware attacks on critical infrastructure. Briefly stated, The Colonial Pipeline incident, which affected almost half of the U.S. East Coast’s fuel supply in 2021 will serve as the appropriate case study in order to dissect the vulnerabilities in interconnected supply chains. This research will simulate the attack as a sequence of interconnected states, ranging from reconnaissance to recovery, and simulating how changes in important variables such as Vendor Access Control, Network Vulnerability, Incident Response Time, and Downtime Duration can change the outcome of the attack. Furthermore, two “what-if” scenarios are analyzed: Secure VPN with Multi-Factor Authentication and Response Team for Mitigation. These simulations are able to demonstrate the proactive security measures to significantly reduce attack success rates and operational downtime whilst containment and recovery speed can be improved through reactive measures. By integrating two effective measures such as adaptive modeling and scenario-based simulations, this research will be able to emphasize the importance of not only technical defense strategies, however also, organizational preparedness through mitigating cyber threats. Moreover, the findings will support the use of simulation tools for risk assessment and strategic planning in cybersecurity for critical infrastructure.