Unbounded impacts and risk mitigation in billing infrastructures

A billing infrastructure is an information and communications technology system that bills a set of customers for some service they access. We discuss how the minimisation of the infrastructure cost may introduce components that are points of catastrophic failure in a security perspective because successful attacks against these components result in a full control of the infrastructure. We describe a classification of both attacks and threats and a mathematical model of attack impacts to prove that the introduction of points of catastrophic failure result in a heavy-tailed probability distribution of impacts. A heavy-tailed distribution has several implications on risk management because the probability of very large impacts may not be neglected and countermeasures cannot be selected according to their cost effectiveness because even the most expensive ones are convenient. For these reasons, risk management should introduce redundant components with a decentralised control to increase resilience and minimise attack impacts.