{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,3]],"date-time":"2026-06-03T05:58:15Z","timestamp":1780466295987,"version":"3.54.1"},"reference-count":175,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/legalcode"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"am","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/legalcode"}],"funder":[{"name":"Laboratory Directed Research and Development Program through the DOE Idaho Operations Office","award":["DE-AC07-05ID14517"],"award-info":[{"award-number":["DE-AC07-05ID14517"]}]},{"name":"Resilient Control and Instrumentation Systems (ReCIS) Program"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Access"],"published-print":{"date-parts":[[2021]]},"DOI":"10.1109\/access.2021.3133348","type":"journal-article","created":{"date-parts":[[2021,12,6]],"date-time":"2021-12-06T20:54:48Z","timestamp":1638824088000},"page":"165295-165325","source":"Crossref","is-referenced-by-count":83,"title":["Industrial and Critical Infrastructure Security: Technical Analysis of Real-Life Security Incidents"],"prefix":"10.1109","volume":"9","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1280-6568","authenticated-orcid":false,"given":"Georgios Michail","family":"Makrakis","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3020-291X","authenticated-orcid":false,"given":"Constantinos","family":"Kolias","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6348-5031","authenticated-orcid":false,"given":"Georgios","family":"Kambourakis","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3198-8838","authenticated-orcid":false,"given":"Craig","family":"Rieger","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Jacob","family":"Benjamin","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"263","reference":[{"key":"ref170","doi-asserted-by":"publisher","DOI":"10.1109\/SPW53761.2021.00058"},{"key":"ref172","doi-asserted-by":"publisher","DOI":"10.1109\/ICCD50377.2020.00021"},{"key":"ref171","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2018.2833063"},{"key":"ref174","doi-asserted-by":"publisher","DOI":"10.1109\/TDMR.2020.2994016"},{"key":"ref173","doi-asserted-by":"publisher","DOI":"10.1109\/ICCA.2019.8899564"},{"key":"ref175","doi-asserted-by":"publisher","DOI":"10.1109\/ICCA.2019.8899564"},{"key":"ref168","doi-asserted-by":"publisher","DOI":"10.1109\/WCICSS.2016.7882935"},{"key":"ref169","first-page":"2","article-title":"Ge Multilin SR protective relays passcode vulnerability","volume":"5","author":"keliris","year":"2017","journal-title":"Black Hat USA"},{"key":"ref39","year":"2021","journal-title":"Shamoon Destructive Threat Re-Emerges with New Sting in its Tail"},{"key":"ref38","year":"2021","journal-title":"FireEye Responds to Wave of Destructive Cyber Attacks in Gulf Region"},{"key":"ref33","author":"carr","year":"2021","journal-title":"Qas Iran Responsible for Saudi Aramco’s Network Attack?"},{"key":"ref32","author":"mackenzie","year":"2021","journal-title":"Shamoon Malware and SCADA Security—What are the Impacts? | Tofino Industrial Security Solution"},{"key":"ref31","year":"2021","journal-title":"The Shamoon Attacks"},{"key":"ref30","year":"2015","journal-title":"The Duqu 2 0"},{"key":"ref37","author":"edwards","year":"2021","journal-title":"Eldos Provides Raw Disk Access for Vista and XP"},{"key":"ref36","year":"2021","journal-title":"Shamoon the Wiper Further Details (Part II)"},{"key":"ref35","year":"2021","journal-title":"Shamoon\/Disttrack Malware (Update B)"},{"key":"ref34","author":"falcone","year":"2021","journal-title":"Shamoon 2 Return of the Disttrack Wiper"},{"key":"ref28","first-page":"2","volume":"4","author":"chien","year":"0","journal-title":"W32 duqu the Precursor to the Next Stuxnet"},{"key":"ref27","year":"2021","journal-title":"Langner’s Stuxnet Deep Dive"},{"key":"ref29","year":"0","journal-title":"Duqu Updated Targeting Information"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijcip.2020.100356"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2020.2987688"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2020.03.007"},{"key":"ref24","first-page":"29","volume":"5","author":"falliere","year":"2011","journal-title":"W32 stuxnet Dossier"},{"key":"ref23","article-title":"The diamond model of intrusion analysis","author":"caltagirone","year":"2013"},{"key":"ref101","year":"2016","journal-title":"Verizon Data breach digest scenarios from the field"},{"key":"ref26","first-page":"18","author":"mcdonald","year":"2013","journal-title":"StuxNet 0 5 Themissing link"},{"key":"ref100","author":"connor","year":"2015","journal-title":"Iranian Hackers Claim Cyber Attack on New York Dam"},{"key":"ref25","author":"langner","year":"2013","journal-title":"A technical analysis of what StuxNet’s creators tried toachieve"},{"key":"ref50","article-title":"Blackenergy—What we really know about the notorious cyber attacks","author":"cherepanov","year":"0","journal-title":"Virus Bulletin Conference October"},{"key":"ref51","author":"cherepanov","year":"0","journal-title":"BlackEnergy by the SSHBearDoor attacks against Ukrainian news media and electric industry"},{"key":"ref154","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-45477-1_6"},{"key":"ref153","doi-asserted-by":"publisher","DOI":"10.1109\/IIH-MSP.2013.112"},{"key":"ref156","first-page":"6","article-title":"On dynamic malware payloads aimed at programmable logic controllers","author":"mclaughlin","year":"2011","journal-title":"Proc HotSec"},{"key":"ref155","article-title":"Assessing the security of OPC UA deployments","author":"roepert","year":"2020","journal-title":"arXiv 2003 12341"},{"key":"ref150","first-page":"75","article-title":"Attacking fieldbus communications in ICS: Applications to the swat testbed","author":"urbina","year":"2016","journal-title":"Proc SG-CRC"},{"key":"ref152","doi-asserted-by":"publisher","DOI":"10.7763\/IJCCE.2014.V3.339"},{"key":"ref151","doi-asserted-by":"publisher","DOI":"10.1145\/3174776.3174780"},{"key":"ref146","doi-asserted-by":"publisher","DOI":"10.1016\/S1353-4858(18)30008-4"},{"key":"ref147","doi-asserted-by":"publisher","DOI":"10.3390\/sym12040579"},{"key":"ref148","first-page":"58","article-title":"Exploitation of Allen Bradley’s implementation of EtherNet\/IP for denial of service against industrial control systems","author":"grandgenett","year":"2014","journal-title":"Proc 9th Int Conf Cyber Warfare Secur (ICCWS)"},{"key":"ref149","first-page":"1","article-title":"EtherNet\/IP industrial protocol white paper","author":"brook","year":"2001","journal-title":"Proc IEEE EFTA"},{"key":"ref59","author":"lee","year":"2017","journal-title":"CrashOverride Analysis of the threat to electric grid operations"},{"key":"ref58","year":"2021","journal-title":"Gentilkiwi Mimikatz"},{"key":"ref57","author":"slowik","year":"2021","journal-title":"Anatomy of an Attack Detecting and Defeating Crashoverride"},{"key":"ref56","first-page":"17","author":"cherepanov","year":"2016","journal-title":"WIN32\/INDUSTROYER A new threat for industrial control systems"},{"key":"ref55","author":"behr","year":"2021","journal-title":"Grid Hack Exposes Troubling Security Gaps for Local Utilities"},{"key":"ref54","first-page":"82","article-title":"Industrial cybersecurity threat briefing","author":"hamilton","year":"2016"},{"key":"ref53","volume":"388","author":"case","year":"2016","journal-title":"Analysis of the Cyber Attack on the Ukrainian Power Grid"},{"key":"ref52","year":"2016","journal-title":"Overload Critical Lessons from 15 Years of ICS Vulnerabilities"},{"key":"ref40","year":"2021","journal-title":"ICS Focused Malware | CISA"},{"key":"ref167","first-page":"22","author":"klick","year":"2015","journal-title":"Internet-facing PLCS—A new back orifice"},{"key":"ref166","first-page":"723","article-title":"Exploiting Siemens simatic S7 PLCs","volume":"16","author":"beresford","year":"2011","journal-title":"Black Hat USA"},{"key":"ref165","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23313"},{"key":"ref164","first-page":"1","article-title":"PLC-blaster: A worm living solely in the PLC","volume":"16","author":"spenneberg","year":"2016","journal-title":"Black Hat Asia"},{"key":"ref163","doi-asserted-by":"publisher","DOI":"10.1109\/COMAPP.2018.8460287"},{"key":"ref162","first-page":"110","article-title":"On ladder logic bombs in industrial control systems","author":"govil","year":"2017","journal-title":"Computer Security"},{"key":"ref161","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-22312-0_3"},{"key":"ref160","doi-asserted-by":"publisher","DOI":"10.14722\/bar.2019.23074"},{"key":"ref4","author":"knapp","year":"2014","journal-title":"Industrial Network Security Securing Critical Infrastructure Networks for Smart Grid SCADA and Other Industrial Control Systems"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1016\/0166-3615(94)90017-5"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-82r2"},{"key":"ref5","author":"ackerman","year":"2017","journal-title":"Industrial Cybersecurity Efficiently Secure Critical Infrastructure Systems"},{"key":"ref159","doi-asserted-by":"publisher","DOI":"10.1145\/3176258.3176319"},{"key":"ref8","year":"2009","journal-title":"National Strategy for Critical Infrastructure Protection (CIP Strategy)"},{"key":"ref49","author":"polityuk","year":"0","journal-title":"Ukraine Sees Russian Hand in Cyber Attacks on Power Grid"},{"key":"ref7","year":"2013","journal-title":"NIPP 2013 Partnering for Critical Infrastructure Security and Resilience"},{"key":"ref157","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382244"},{"key":"ref158","article-title":"ICSREF: A framework for automated reverse engineering of industrial control systems binaries","author":"keliris","year":"2018","journal-title":"arXiv 1812 03478"},{"key":"ref9","year":"2018","journal-title":"Critical Infrastructure Resilience Strategy"},{"key":"ref46","author":"baumgartner","year":"0","journal-title":"BE2 Custom Plugins Router Abuse and Target Profiles"},{"key":"ref45","year":"0","journal-title":"D of Homeland Security Cyber-Attack Against Ukrainian Critical Infrastructure | CISA"},{"key":"ref48","first-page":"17","article-title":"A new threat for industrial control systems","author":"cherepanov","year":"2016"},{"key":"ref47","year":"0","journal-title":"BlackEnergy APT Attacks in Ukraine Employ Spearphishing With World Documents"},{"key":"ref42","first-page":"18","volume":"7","author":"response","year":"2014","journal-title":"Dragonfly Cyberespionage attacks against energy suppliers"},{"key":"ref41","first-page":"27","author":"nelson","year":"0","journal-title":"The Impact of Dragonfly Malware on Industrial Control Systems"},{"key":"ref44","year":"0","journal-title":"Havex it’s Down With OPC Library Catalog Www Fireeye Com"},{"key":"ref43","article-title":"A quantitative evaluation of the target selection of Havex ICS malware plugin","author":"rrushi","year":"2015","journal-title":"Proc Ind Control Syst Secur (ICSS) Workshop"},{"key":"ref127","first-page":"57","article-title":"Practical modbus flooding attack and detection","volume":"149","author":"bhatia","year":"2014","journal-title":"Proc 12th Australas Inf Secur Conf (AISC) Conferences Res Pract Inf Technol"},{"key":"ref126","doi-asserted-by":"publisher","DOI":"10.15394\/jdfsl.2014.1162"},{"key":"ref125","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2013.174"},{"key":"ref124","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijcip.2008.08.003"},{"key":"ref73","author":"security","year":"2017","journal-title":"Wannacrypt ransomware worm targets out-of-date systems"},{"key":"ref72","year":"2021","journal-title":"Foreign Cyber Actors Target Home and Office Routers and Networked Devices Worldwide"},{"key":"ref129","first-page":"219","article-title":"Side channel attacks over encrypted TCP\/IP Modbus reveal functionality leaks","author":"tsalis","year":"2018","journal-title":"ICE Proceedings"},{"key":"ref71","year":"2021","journal-title":"Security Advisory for Vpnfilter Malware"},{"key":"ref128","doi-asserted-by":"publisher","DOI":"10.1109\/ICITST.2016.7856685"},{"key":"ref70","year":"2021","journal-title":"VPNFilter New Router Malware with Destructive Capabilities"},{"key":"ref76","year":"2017","journal-title":"WannaCry ransomware used in widespread attacks all over the world"},{"key":"ref77","year":"2017","journal-title":"How to Accidentally Stop Global Cyber Attacks"},{"key":"ref130","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2020.04.265"},{"key":"ref74","author":"field","year":"2018","journal-title":"WannaCry Cyber Attack Cost The NHS 92m as 19 000 Appointments Cancelled"},{"key":"ref75","author":"clark","year":"2017","journal-title":"The Worm That Spreads Wanacrypt0r"},{"key":"ref133","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC.2009.61"},{"key":"ref134","doi-asserted-by":"publisher","DOI":"10.14236\/ewic\/ICS2018.8"},{"key":"ref78","author":"mcbride","year":"2017","journal-title":"The Hours of Wannacry"},{"key":"ref131","doi-asserted-by":"publisher","DOI":"10.1109\/CQR.2015.7129084"},{"key":"ref79","year":"2017","journal-title":"Wannacry—New Kill-Switch New Sinkhole"},{"key":"ref132","doi-asserted-by":"publisher","DOI":"10.1109\/ETFA.2006.355228"},{"key":"ref136","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-22038-9_19"},{"key":"ref135","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-018-0315-0"},{"key":"ref138","first-page":"30","article-title":"Towards understanding man-in-the-middle attacks on IEC 60870-5-104 SCADA networks","author":"maynard","year":"2014","journal-title":"Proc 2nd Int Symp ICS & SCADA Cyber Secur Res (ICS-CSR)"},{"key":"ref137","doi-asserted-by":"publisher","DOI":"10.1109\/PESMG.2013.6672100"},{"key":"ref60","first-page":"16","year":"2019","journal-title":"CRASHOVERRIDE Reassessing the 2016 Ukraine Electric Power Event as a Protection-Focused Attack"},{"key":"ref139","doi-asserted-by":"publisher","DOI":"10.1109\/PESGM.2015.7286357"},{"key":"ref62","author":"giles","year":"2019","journal-title":"Triton is the world’s most murderous malware and it’s spreading"},{"key":"ref61","author":"johnson","year":"2017","journal-title":"Attackers deploy new ics attack framework triton and cause operational disruption to critical infrastructure"},{"key":"ref63","first-page":"1","article-title":"TRITON: The first ICS cyber attack on safety instrument systems","author":"di pinto","year":"2018","journal-title":"Proc Black Hat USA"},{"key":"ref64","author":"labs","year":"2018","journal-title":"Analyzing the Triton Industrial Malware"},{"key":"ref65","author":"events","year":"2018","journal-title":"Triton Schneider Electric Analysis and Disclosure"},{"key":"ref140","doi-asserted-by":"publisher","DOI":"10.1109\/ETFA.2016.7733644"},{"key":"ref66","year":"2017","journal-title":"Trisis-Triton-Hatman"},{"key":"ref141","first-page":"1","article-title":"IEC 61850 network cybersecurity: Mitigating goose message vulnerabilities","author":"da silveira","year":"2019","journal-title":"Proc 6th Annu PAC World Amer Conf"},{"key":"ref67","year":"2018","journal-title":"TRISIS Malware Analysis of Safety System Targeted Malware"},{"key":"ref142","doi-asserted-by":"publisher","DOI":"10.1109\/ETFA.2009.5347043"},{"key":"ref68","author":"largent","year":"2021","journal-title":"New VPNFilter Malware Targets at Least 500K Networking Devices Worldwide"},{"key":"ref143","doi-asserted-by":"publisher","DOI":"10.1007\/s11241-020-09354-z"},{"key":"ref69","author":"largent","year":"2021","journal-title":"VPNFilter Update—VPNFilter Exploits Endpoints Targets New Devices"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1007\/s11227-018-2337-2"},{"key":"ref144","first-page":"1","article-title":"KillerBee: Practical ZigBee exploitation framework","volume":"67","author":"wright","year":"2009","journal-title":"Proc 11th ToorCon Conf"},{"key":"ref145","doi-asserted-by":"publisher","DOI":"10.1145\/1506270.1506342"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-26502-5_2"},{"key":"ref109","year":"2013","journal-title":"Targeted Cyber Intrusion Detection and Mitigation Strategies"},{"key":"ref95","first-page":"62","article-title":"German steel mill cyber attack","volume":"30","author":"lee","year":"2014","journal-title":"Ind Control Syst"},{"key":"ref108","first-page":"1","article-title":"Duqu: A StuxNet-like malware found in the wild","volume":"14","author":"bencs\u00e1th","year":"0"},{"key":"ref94","year":"2014","journal-title":"Die lage der it-sicherheit in deutschland 2014"},{"key":"ref107","first-page":"1","article-title":"Electricity grid in U.S. penetrated by spies","volume":"8","author":"gorman","year":"2009","journal-title":"Wall Street J"},{"key":"ref93","author":"kleymenov","year":"2021","journal-title":"Colonial Pipeline Ransomware Attack Revealing How Darkside Works"},{"key":"ref106","first-page":"1","article-title":"Elecrical supe charged with damaging California canal system","volume":"30","author":"goodin","year":"2007","journal-title":"Register"},{"key":"ref92","author":"roddie","year":"2021","journal-title":"Darkside Malware Profile"},{"key":"ref105","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2003.1219071"},{"key":"ref91","year":"2021","journal-title":"Cyber Threats in the Pipeline Using Lessons From the Colonial Ransomware Attack to Defend Critical Infrastructure"},{"key":"ref104","first-page":"1","article-title":"Slammer worm crashed Ohio nuke plant net","volume":"20","author":"poulsen","year":"2003","journal-title":"Register"},{"key":"ref90","author":"pipeline","year":"2021","journal-title":"Media Statement Update Colonial Pipeline System Disruption"},{"key":"ref103","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2003.1219056"},{"key":"ref102","year":"2018","journal-title":"Vericlave—The Kemuri Water Company Hack"},{"key":"ref111","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2017.2781126"},{"key":"ref112","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101935"},{"key":"ref110","year":"2013","journal-title":"IEEE Recommended Practices"},{"key":"ref98","year":"2012","journal-title":"Denial of Service Attacks Against U S Banks in 2012–2013"},{"key":"ref99","author":"yadron","year":"2015","journal-title":"Iranian Hackers Infiltrated New York Dam in 2013"},{"key":"ref96","author":"abrams","year":"2008","journal-title":"Malicious control system cyber security attack case study Maroochy water services Australia"},{"key":"ref97","year":"2016","journal-title":"Seven Iranians Working for Islamic Revolutionary Guard Corps-Affiliated Entities Charged for Conducting Coordinated Campaign of Cyber Attacks Against U S Financial Sector"},{"key":"ref10","year":"2017","journal-title":"Public Summary of Sector Security and Resilience Plans"},{"key":"ref11","year":"2004","journal-title":"Critical Infrastructure Protection in the fight against terrorism"},{"key":"ref12","year":"2020","journal-title":"Industrial Control Systems"},{"key":"ref13","year":"2020","journal-title":"Information Sharing & Analysis Centers"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/2380790.2380805"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/JPROC.2015.2512235"},{"key":"ref82","author":"mathews","year":"2017","journal-title":"Notpetya Ransomware Attack Cost Shipping Giant Maersk Over $200 Million"},{"key":"ref118","doi-asserted-by":"publisher","DOI":"10.1109\/CSCloud.2015.86"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/EI2.2017.8245509"},{"key":"ref81","year":"2017","journal-title":"Schroedinger’s Pet(ya)"},{"key":"ref117","first-page":"2614","article-title":"An event buffer flooding attack in DNP3 controlled SCADA systems","author":"jin","year":"2011","journal-title":"Proc Winter Simul Conf (WSC)"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.2172\/1505628"},{"key":"ref84","author":"maynor","year":"2017","journal-title":"The Medoc Connection"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2018.2872114"},{"key":"ref83","year":"2017","journal-title":"Cyber Attack Ukrainian Software Company Will Face Charges Over Security Neglect Police Suggest"},{"key":"ref119","doi-asserted-by":"publisher","DOI":"10.1109\/SARNOF.2015.7324661"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.101677"},{"key":"ref114","doi-asserted-by":"publisher","DOI":"10.1109\/ETFA.2017.8247663"},{"key":"ref113","first-page":"165","article-title":"PAtt: Physics-based attestation of control systems","author":"ghaeini","year":"2019","journal-title":"Proc 22nd Int Symp Res Attacks Intrusions Defenses (RAID)"},{"key":"ref80","author":"logic","year":"2017","journal-title":"Wannacry Two Weeks and 16 Million Averted Ransoms Later"},{"key":"ref116","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-04798-5_5"},{"key":"ref115","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-61204-1_33"},{"key":"ref120","first-page":"67","article-title":"Real-time and interactive attacks on DNP3 critical infrastructure using scapy","volume":"161","author":"rodofile","year":"2015","journal-title":"Proc 13th Australas Inf Secur Conf (AISC)"},{"key":"ref89","author":"osborne","year":"2021","journal-title":"Colonial Pipeline Attack Everything You Need to Know"},{"key":"ref121","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2015.47"},{"key":"ref122","doi-asserted-by":"publisher","DOI":"10.1145\/96267.96279"},{"key":"ref123","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2015.05.015"},{"key":"ref85","author":"labs","year":"2017","journal-title":"Notpetya Technical Analysis"},{"key":"ref86","year":"2017","journal-title":"New Ransomware Old Techniques Petya Adds Worm Capabilities"},{"key":"ref87","author":"gofman","year":"2017","journal-title":"Advanced Threat Analytics Security Research Network Technical Analysis NotPetya"},{"key":"ref88","author":"sood","year":"2017","journal-title":"NotPetya technical analysis — a triple threat File encryption MFT encryption credential theft"}],"container-title":["IEEE Access"],"original-title":[],"link":[{"URL":"https:\/\/ieeexplore.ieee.org\/ielam\/6287639\/9312710\/9638617-aam.pdf","content-type":"application\/pdf","content-version":"am","intended-application":"syndication"},{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6287639\/9312710\/09638617.pdf?arnumber=9638617","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,4,8]],"date-time":"2022-04-08T18:53:40Z","timestamp":1649444020000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9638617\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"references-count":175,"URL":"https:\/\/doi.org\/10.1109\/access.2021.3133348","relation":{},"ISSN":["2169-3536"],"issn-type":[{"value":"2169-3536","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021]]}}}