The National Centers of Academic Excellence in Cybersecurity has awarded $637,223 to Indian American computer science professor Brajendra Panda to improve recovery methods for critical infrastructure systems following a cyberattack.
Critical infrastructure (CI) includes things like the power grid, gas and oil pipelines, military installations, and hospitals.
Panda, a University of Arkansas professor of computer science and computer engineering, says that the interdependence and interconnection of CI systems make them more vulnerable to cyberattacks and can cause initial damage to spread quickly to other systems.
“Thus, a small vulnerability in one of these systems can result in crippling a large number of them,” Panda said. “These systems are of heterogeneous type by nature, meaning they contain both heterogeneous software and data.”
Due to the complexity of CI systems, recovering them can cause significant delays, which is concerning given the time-sensitive nature of the functions these systems provide, such as electricity.
An example of a recent attack on critical infrastructure is the ransomware attack on the Colonial Pipeline last year. The pipeline system originates in Houston, Texas, and carries gasoline and jet fuel mainly to the Southeastern United States.
The attack on computerized equipment left the pipeline down for six days while the company forked over an estimated $4.4 million in Bitcoin to pay the attackers (though much of it was subsequently recovered).
Panda aims to develop fast, accurate, and efficient recovery mechanisms that, when coupled with the expeditious damage assessment techniques he has already developed, will offer an “integrated suite solution”.
This will allow affected CI systems to continue running while providing as many critical functionalities as possible.