September 13, 2021, I submitted my response to the FERC Complaint EL21-99-000 on the use of Chinese-made equipment for critical equipment used in the US grid. The equipment identified can be used in many other critical infrastructures such as water/wastewater, pipelines, oil/gas, and manufacturing. – https://www.controlglobal.com/blogs/unfettered/formal-response-to-ferc-complaint-el21-99-000-on-chinese-equipment-in-the-us-grid
Category: Electric
Do the Chinese “own” our electric grids and other infrastructures?
The national focus on cyber security has been on data breaches including ransomware which is what precipitated the August 25, 2021, White House Cyber security meeting. For IT networks, the focus on data breaches is sufficient. However, the real concern for critical infrastructures is not data breach but equipment damage that can cause very extended […]
What happened at the Taishan Unit 1 nuclear plant in China?
June 14, 2021, CNN reported that the Chinese Taishan Unit 1 EPR nuclear reactor experienced unusual operating conditions. Specifically, Framatome warned of an “imminent radiological threat”. The warning included an accusation that the Chinese safety authority was raising the safety limits for radiation detection limit to avoid having to shut it down. June 16, 2021, […]
Taishan 1 radiological release
CNN is reporting the following: Exclusive: US assessing reported leak at Chinese nuclear power facility Taishan 1 is the first EPR to go commercial. The instrumentation and control systems at Taishan may not have played a role in whatever is occurring. However, I was part of an arbitration hearing between TVO and Siemens/Framatome Because of various […]
A Reality Check of the DOE 100-Day Plan to Address Cybersecurity Risks to the US Electric System
I am happy to see ICS cyber security specifically being addressed by the US Secretary of Energy. It is “unobtainium” to secure the electric system, or any other industry which uses the same equipment, within 100 days even though there can be a good start. Network cyber threat prevention and situational awareness can be employed […]
Enough About Data Breaches. Let’s Talk About OT Security – TAG Cyber
Tag Cyber moderated a roundtable discussion with Mark Weatherford and me on control system cybersecurity. The discussion was why operational technology (OT) is woefully neglected—and what can be done to change that. This discussion becomes even more timely with the recent DOE 100-Day Plan to Address Cybersecurity Risks to the US Electric System. The roundtable […]
Observations from 2021 SANS ICS Cyber Security Conference
The 2021 SANS ICS Cyber Security Conference was held March 4-5, 2021 with almost 9,000 registrants globally. The Conference thoroughly addressed OT networking issues. However, cyber security issues associated with Level 0,1 devices were not as adequately understood and addressed. There was also almost no discussion of the hardware backdoors in the Chinese-made transformers. My […]
Texas power outages demonstrate grid cyber vulnerability and inadequacy of existing regulations
Recent Texas power outages and the loss of both electricity and water across Texas demonstrate how vulnerable ERCOT and Texas are to not only natural disasters such as snowstorms and hurricanes but also manmade and malicious activities. More than that, it also demonstrates the vulnerability of the entire U.S. Energy grid. The good news is […]
Why America would not survive a real first strike cyberattack today
Mike Rogers is a former member of Congress who served as chairman of the House Intelligence Committee. He is the David Abshire Chair at the Center for the Study of the Presidency and Congress and is a senior fellow with the Intelligence Project at the Belfer Center for Science and International Affairs at Harvard University. […]
Don’t overlook the most consequential control system cyber events of 2020
URL: https://www.controlglobal.com/blogs/unfettered/dont-overlook-the-most-consequential-control-system-cyber-events-of-2020/ Two of the most consequential control system cyber events (attacks) in 2020 were supply chain attacks. The first event was the Chinese installing hardware backdoors in large electric transformers, an incident that prompted Presidential Executive Order (EO) 13920. The hardware backdoors are obvious control system threats. The second event was the Russian SolarWinds […]