The impetus for this blog was twofold: first, a Concordia University study dated January 24, 2024, which concluded that tampering with the electric system sensors could cause grid fluctuations, and second, my meeting with the engineer who scientifically documented that the radiation monitoring system outside the Chernobyl nuclear plant was compromised with false data. The blog includes examples in numerous industries of catastrophic events from malicious and unintentional process sensor cyber-related incidents. Russia, China, and Iran are all aware of the ability to compromise process sensor data. And they’ve also exploited such vulnerabilities. Concerning the IRGC Unitronics hack, I gave a presentation at Defcon in 2017 on the lack of cyber security in process sensors. I subsequently received a “like” on my LinkedIn account from someone who claimed to be a senior engineer in a water company in Iran. Yet, cyber security requirements and cyber security alerts in electric, water, pipelines, transportation, etc. still do not address process sensors.
False process sensor data can be catastrophic but are not adequately addressed
