Networked Battery Energy Storage Systems (BESS) introduce cyber and physical vulnerabilities, and not enough attention is paid to training, design and operation. As a follow-up to my February 14, 2025 Unfettered blog, “Cyber vulnerable battery systems are catching fire and communicate directly to China”, T&D World published the update “How Vulnerable to Cyber Attacks are […]
Category: Electric
Cyber vulnerable battery systems are catching fire and communicate directly to China
Battery energy storage systems (BESS) are cyber vulnerable. There have been numerous cases where intentional and/or unintentional control system cyber incidents have caused or contributed to thermal runaway fires. There have been other cases where BESS systems have been cyber-compromised. Yet there appears to be minimal attention being paid to cybersecurity in the design, operation, […]
Sam Houston State University paper – “Who’s in charge of OT security”
The Institute for Homeland Security at Sam Houston State University published my paper –Whos_in_Charge_of_OT_Security.pdf (ihsonline.org). CISOs have traditionally been responsible for cyber security of enterprise IT networks excluding the control system (operational) assets which were under the purview of the engineering organizations. After the 2006 Gartner Research paper that coined the term “OT”, the CISOs […]
Follow-up: Report of another PLC compromised using cyber means
(cross-posted from the SCADASEC mailing list – posting was reply from Marina Krotofil) A couple of other friends reached out and asked for more details and more thoughts.So I wanted to add a couple more things. Note, that I do not havevisibility into the EXACT configuration of LvivTeploEnergo infrastructure,which is insanely complex as well as […]
Report of another PLC compromised using cyber means
(cross-posted from the SCADASEC mailing list – posting was reply from Marina Krotofil) I just went through the Dragos report, the Wiredarticle, the Ukrainian sources, Nozomi report, some more foreign articles,Medium articles, Dale Peterson opinion piece, CERT-UA page, spoke to someICS folks who already looked into the sample, and I have so many questions. 1. […]
Exploiting remote access – the ultimate living off the land attack
Remote access to control systems is necessary for equipment reliability and availability. Securing remote access is a very tough problem because it is a double-edged sword providing needed reliability improvement and a potential vehicle for Living-off-the-Land attacks. Cyber security technologies exist to secure remote access from external intruders. However, cyber security programs are not adequately […]
The US electric industry is not responding to cyber-vulnerable Chinese equipment
The electric grid is interconnected. The interconnectivity goes not only between utilities but also between facilities connected to the grid. The Chinese (and other threat actors) are exploiting this cyber security gap. Chinese transformers, cranes, inverters, process sensors, etc. are comparably well-made and inexpensive leading to their continued use in US critical infrastructures. Many of […]
False process sensor data can be catastrophic, but are not adequately addressed
The impetus for this blog was twofold: first, a Concordia University study dated January 24, 2024, which concluded that tampering with the electric system sensors could cause grid fluctuations, and second, my meeting with the engineer who scientifically documented that the radiation monitoring system outside the Chernobyl nuclear plant was compromised with false data. The […]
Microsoft Australian East Data Center control system cyber incident – unintentional or malicious?
Data center control system cyber incidents have shut down or damaged data centers operated by many different entities globally. August 30, 2023, a utility voltage sag tripped cooling units at the Microsoft Australia East Azure Data Center. When the voltage sag occurred, all five chillers in operation faulted and didn’t restart because the pumps did […]
Hacking insecure process sensor systems may have affected the Chernobyl nuclear plant site
I am an engineer not a threat analyst. I can tell you what can happen to control systems from cyber vulnerabilities; I cannot tell you why someone would or would not want to exploit these vulnerabilities. My concerns are from a safety perspective as process sensors are used globally to monitor environmental conditions around industrial […]