Before I reveal this e-mail I sent to the ISA-99 list, one should understand the discussion leading up to my rant. The ISA-99 list had been trying to frame its discussion in terms of existing security standards. In my opinion, they’re making an enormous mistake. Industrial control system security should not be pigeonholed in to […]
Category: Critical Infrastructure
Why the NY Dam Incident Really Did Not Matter
Ray Park from the SCADASEC mailing list made this comment on 5-Apr-2016: Dams, other than major hydroelectric dams, are not a good target for hack attack. With most flood control and water reservoir dams, the only real control is the floodgates. We considered how to use that and the only thing we could come up […]
2016 Spring Flooding and Potential Impacts
The U.S. Department of Homeland Security, National Protection and Programs Directorate, Office of Cyber and Infrastructure Analysis (OCIA) provided an overview of the National Oceanic and Atmospheric Administration (NOAA) 2016 Spring Flooding Outlook and examines the potential impacts to U.S. critical infrastructure. This product is an update to the April 21, 2015, OCIA Spring Flooding […]
Iranian Hacker Used Google To Hack N.Y. Dam Computer
I have a bit of background I learned from primary sources with direct knowledge of the situation. First, this dam was not a life safety issue. It was for storm water management. The sluice gate was supposedly out of service at the time. However, even it had been in service, it could have gone up […]