For SCADASec
Fifteen years ago, I wrote the blog – “Malicious vs unintentional cyber incidents – why it is necessary to include unintentional incidents” This blog was written weeks before Stuxnet and its impact on control systems and centrifuge damage were made public. Stuxnet demonstrated that cyberattacks could be made to look like equipment malfunctions and therefore go unidentified as cyber-related. Control system field devices have neither cyber forensics nor cybersecurity training sufficient to identify control system incidents as being cyber-related. Monitoring OT networks does not provide this information. Not only are we missing identifying unintentional control system incidents as being cyber-related, but we are also missing identifying control system cyberattacks as being cyber-related. What have we learned since Stuxnet? When it comes to control system cybersecurity, not much.
