I am an engineer not a threat analyst. I can tell you what can happen to control systems from cyber vulnerabilities; I cannot tell you why someone would or would not want to exploit these vulnerabilities. My concerns are from a safety perspective as process sensors are used globally to monitor environmental conditions around industrial facilities. Kim Zetter wrote an article about Ruben Santamarta’s paper concerning the post-Russian invasion radiation spikes around Chernobyl – “The Mystery of Chernobyl’s Post-Invasion Radiation Spikes”. One of my first jobs at GE Nuclear Energy (in the 1970s) was reprogramming the nuclear plant simulator’s startup model. The simulator was used for training nuclear plant operators and other nuclear plant personnel. The simulator had a problem as the physics hadn’t correctly addressed the neutron flux sensors’ response when a control rod was pulled. This wasn’t a cyberattack but it demonstrated that process sensor values, in this case neutron flux values, can provide misleading results and yet not necessarily be recognized as being wrong. There have been many other cases where inaccurate process sensors have led to incorrect automatic or manual actions including an incident where an inaccurate process sensor caused by a manufacturing flaw contributed to a nuclear plant core melt and another where inaccurate process sensors directly contributed to a dam collapse. Unfortunately, when it comes to OT cyber security, process sensor readings are assumed to be uncompromised, authenticated, and correct. Even worse, in industries, such as electricity, water, oil/gas, pipelines, etc., the cyber security of process sensors is effectively ignored. In summary, these cases demonstrate that the gamma sensing system being hacked causing the observed radiation spikes is a technologically credible scenario.
