Proceedings of the NATO IST-128 Workshop: Assessing Mission Impact of Cyberattacks

Compiled by Alexander Kott

These papers were presented during the technical sessions of NATO workshop IST- 128 / RWS-019, entitled “Cyber Attack Detection, Forensics and Attribution for Assessment of Mission Impact.” The first technical session focused on the need to gain insights into the intent, motivations, and capabilities of the attackers, in order to understand the intended and actual mission impact. The second explored whether, and to what extent, it is possible to understand the mission impact by analyzing the observable cyber signal and events, through such means as are normally associated with cyber intrusion detection, forensics, and malware analysis. The third discussed the need for models of missions and systems that support missions, and the approaches to constructing such models. The fourth technical session investigated the means by which mission impact could be simulated or modeled. Additional details and a report generated based on the discussions at the workshop are documented in a separate publication titled “Assessing Mission Impact of Cyberattacks: Report of the NATO IST-128 Workshop.”