Modeling the Ripple Effects of IT-Based Incidents on Interdependent Economic Systems

摘要

The information technology (IT) sector is one of the most critically utilized infrastructures within the U.S. economic system. The IT sector is vulnerable to man-made attacks and it is challenging to assess the consequences of disruptions to the production and delivery of essential IT services to other economic systems. In this paper, we developed a dynamic model based on economic input-output analysis to assess time-varying disruptions on the IT sector over multiple periods. The model is applied in an ex post analysis of an actual denial-of-service (DoS) attack scenario on the IT infrastructure to estimate the consequences propagated to interdependent economic systems. The model uses Bureau of Economic Analysis data to simulate the effects of IT-based incidents and subsequently identify the critically affected economic sectors. Key results of the case study include assessments of ripple effects to vulnerable sectors in the form of inoperability and economic loss measures. An investigation of the DoS attack in year 2000 using the proposed dynamic model revealed significant losses that are consistent with the magnitude of losses from previous studies. Furthermore, the model is capable of depicting the breakdown of losses across various economic sectors, which is a significant improvement relative to previously published results. This research also extends into a multiyear trend analysis (1999-2009) to aid in developing policies for reducing the effects of IT risks across the interdependent sectors of the U.S. economy. (C) 2014 Wiley Periodicals, Inc.