ABSTRACT
Critical infrastructures (CI) are connecting their systems to the internet at an increasing rate, providing the opportunity for malicious actors to attack these systems using cyber-weapons. Compromised systems then pose issues for the affected company, and may disrupt the broader population. The purpose of the current study was to analyze IP addresses collected from discussion forums, with a specific interest in which Canadian CIs could potentially be at risk of a cyber-attack. Overall, 897,524 IP addresses were extracted from 47,134,503 posts across 20 discussion forums, 39,164 of which were associated with Canadian CI. Of all Canadian CI sectors, the majority of IP addresses were found to belong to the information and technology sector. A thematic analysis of posts containing IP addresses was conducted, revealing that the majority of posters were sharing large lists of IP addresses with no context given. Lastly, a keyword search was employed on the forums in an attempt to understand discussions surrounding CI. A thematic analysis was employed on a random sample of posts containing keywords, revealing two major themes: Potential threat and threat information. Findings from this study reveal that information useful for conducting cyber-attacks against CI is being shared within these online forums.
Disclosure statement
No potential conflict of interest was reported by the author(s).
Notes
1. Critical infrastructure abbreviated as CI
2. The Dark Crawler is a custom written web crawler and web scraper, for more information visit www.thedarkcrawler.com
3. For a more detailed description of the collection process, refer to Frank et al. (Citation2016), or Macdonald, Frank, Mei, and Monk (Citation2015).
4. See for a summary of forum names and numbers
5. Codes were reviewed and agreed upon by authors before moving forward.
6. Quotes were taken directly from coded posts and assigned pseudonyms (X1-X11) for the purpose of this analysis
Additional information
Funding
Notes on contributors
Noelle Warkentin
Noelle Warkentin is a PhD student in the School of Criminology at Simon Fraser University. She is supervised by Dr. Richard Frank, and is a research assistant in the International Cyber Crime Research Centre (ICCRC). Her research interests include cyber-terrorism, cyber-warfare, cybersecurity, cyber-threats to critical infrastructure, and international weapons dealing on the dark web.
Richard Frank
Richard Frank is Associate Professor in the School of Criminology at Simon Fraser University (SFU), Canada and Director of the International CyberCrime Research Centre (ICCRC). Richard completed a PhD in Computing Science (2010) and another PhD in Criminology (2013) at SFU. His main research interest is Cybercrime. Specifically, he's interested in researching hackers and security issues, the dark web, online terrorism and warfare, eLaundering and cryptocurrencies, and online child exploitation. He is the creator of The Dark Crawler, a tool for collecting and analyzing data from the open Internet, dark web, and online discussion forums. Through this tool the ICCRC has collected ~150 million posts from various right-wing, left-wing, gender-based and religiously-motivated extremist communities, leading to a number of projects and publications. Dr. Frank has publications in top-level data mining outlets, such as in Knowledge Discovery in Databases, and security conferences such as Intelligence and Security Informatics (ISI). His research can also be found in Criminology and Criminal Justice, Journal of Research in Crime and Delinquency, and the Canadian Journal of Criminology and Criminal Justice, to name a few.
Yuxuan (Cicilia) Zhang
Yuxuan (Cicilia) Zhang is a M.A. student in Criminology at Simon Fraser University (SFU), Canada. She received the B.A. degree in Criminology from SFU in 2019. Her research interests include cybersecurity, cyber threats against Critical Infrastructure, open-source intelligence (OSINT), cyber-warfare, and cyberaggression among minority population.
Naomi Zakimi
Naomi Zakimi is a PhD student at Simon Fraser University’s School of Criminology and is a member of the Crime and Illicit Networks Lab (CaIN) where she works under the supervision of Dr. Martin Bouchard. Her main research interests focus on understanding the development of criminal achievement, particularly as they relate to drug crimes and within the context of current drug policy.