Trust Abuse in the Underbelly of Critical Infrastructure Operations
Trust Abuse in the Underbelly of Critical Infrastructure Operations

Author(s): Eduard-Ștefan SANDU
Subject(s): Politics / Political Sciences, Politics, Economy, Law, Constitution, Jurisprudence, Security and defense, ICT Information and Communications Technologies, EU-Legislation
Published by: Asociatia Romana pentru Asigurarea Securitatii Informatiei
Keywords: exfiltration; infrastructure; procurement; ransomware; signature
Summary/Abstract: The scientific paper presents a revolutionary cyberattack model that demonstrates how public procurement systems can be weaponized to distribute multi-extortion ransomware in critical infrastructure environments, abusing trust in legally signed documents. The attack scenario unfolds by first developing spyware capable of taking control of the digital device designed for individual use of a legitimate authorized user through which the malicious document will be signed with a qualified electronic signature, a document that will contain a ransomware. The electronically signed document will be used and sent within the framework of public procurement processes, in accordance with the rules imposed by each contracting authority through the electronic platform, named Electronic Public Procurement System. The paper is structured in sections covering the legal framework of public procurement and critical infrastructure, as well as the practical implementation scenario. The novelty of this research lies in the demonstration of a full-spectrum attack chain that combines legal compliance, identity theft and exploitation of institutional trust to bypass traditional security mechanisms.

• Details
• Contents