Close This site uses cookies. If you continue to use the site you agree to this. For more details please see our cookies policy.

Search

Type your text, and hit enter to search:

Dual threat: Climate-induced flooding and cyberattacks 

The compound effect of a cyber security breach during climate change-induced floods can be potentially dangerous to communities, writes Y C Ethan Yang 

14
Image credits: Canva

Society is now in an era in which climate change and cyber insecurity are regular threats to life and property. In tandem, the two have the potential to be especially deadly.

“There’s evidence that climate change increases the risk of flooding, and the losses due to those floods are growing every year,” said Y C Ethan Yang, an associate professor of civil and environmental engineering (CEE) in Lehigh University’s P.C. Rossin College of Engineering and Applied Science. “Scientists have started thinking about compound issues that further exacerbate flooding, like when a hurricane is followed by heavy rainfall.” 

Yang and his team, which included Chung-Yi Lin ’23 PhD (now a postdoc at Virginia Tech) and fellow Lehigh CEE faculty member Farrah Moazeni, were interested in studying that one-two punch, and particularly: “What happens when a natural disaster and a man-made disaster happen simultaneously.” 

In their case, the man-made disaster was a cyberattack. The result of their study, Flood Risks of Cyber-Physical Attacks in a Smart Storm Water System, was recently published in Water Resources Research.

The researchers wanted to understand how vulnerable a smart stormwater system could be to a cyberattack when that same system was simultaneously dealing with storm-induced flooding.

“The idea of the smart city is great, but it opens the door to hackers,” said Yang. “We wanted to know in what flooding scenario a hacker could cause the most harm.”

Yang and his team used historical data from the stormwater management system in Bethlehem Township, Pennsylvania, to build a hydrological model to simulate flooding. They also developed an attack model that mimicked how a hacker might interfere with the system, for instance, by opening or closing gates that control water levels in retention ponds. 

They combined the data with the models to run simulations under various climate change effect scenarios (for example, the effect of increasingly higher average global temperatures) to evaluate the conditions in which a hacker might have the greatest effect on a stormwater system, thereby increasing a community’s flood risk.

“We found that if a flooding event is big enough, say there’s a Category 5 hurricane, a hacker isn’t going to increase the risk because the system is going to flood anyway,” says Yang. “The most vulnerable condition, however, is during low- to mid-level flooding events. The system should be able to handle those events. But if someone intentionally opens a gate at the wrong time, it will overwhelm the system and cause a flood downstream. We were able to quantify and show through visualisations this additional flooding risk caused by a cyberattack.”

The results have already prompted two additional projects: one will explore how to prevent such interference, and the second will examine the cascading effects within a flooded community, specifically how different groups of people are affected.

“We know that affluent people tend to suffer larger losses in terms of absolute numbers,” he says. “But socially vulnerable groups tend to suffer a greater percentage of total loss.” 

Yang hopes the mathematical framework he and his team developed for this project will be adopted by other communities across the country and around the world.

“We developed a procedure that can now allow any municipality to identify the vulnerabilities within their stormwater systems,” he said. “As long as you have the data, the method is universal.”

    Tweet       Post       Post
Oops! Not a subscriber?

This content is available to subscribers only. Click here to subscribe now.

If you already have a subscription, then login here.