Process sensors are the input for predictive maintenance, digital transformation, Industry4.0, smart manufacturing, smart grid, etc. The majority of OT networks use Windows-based HMIs even though Windows was not designed to be an engineering data acquisition tool. In a recent plant test, the Windows-based HMI was not effective and, in fact, provided misleading information on […]
Category: Critical Infrastructure
Cyberattacks causing kinetic damage are neither new nor uncommon
July 11, 2022, the BBC published an article, “Predatory Sparrow: Who are the hackers who say they started a fire in Iran?” The article states that it’s extremely rare for hackers to cause damage in the physical world. But according to the BBC article, a cyberattack on a steel mill in Iran was a kinetic […]
Utility/DOE data indicates sophisticated hackers have compromised US electric control centers
This is the utilities’ data and DOE analyzed it… and it was still missed DOE’s Form OE-417 collects information from the US utilities on electric incidents and emergencies. The OE-417 data covers the time span from 2000 through the end of February 2022 and so does not include any incidents since the start of the […]
The survey results of the 2022 DNV energy cyber security report are grossly misleading
DNV published The Cyber Priority report, “The State of Cyber Security in the Energy Sector”. I believe the oil, gas, and chemical (not electric) industries are leading most industries addressing control system cyber security. The report states the research draws on a survey of 948 energy professionals and a series of in-depth interviews with industry […]
Critical infrastructure cyber security is broken – process sensors continue to be ignored
While no one would argue that network security isn’t important, it’s also important that the basic process sensor data that cross the OT network not be overlooked. Process sensors are necessary input for reliability, availability, safety, predictive maintenance, product quality, and cyber security. Yet process sensors have no cyber security and are connected to the […]
Utility industry continues to deny that control system cyber incidents are occurring
Control system cyber incidents are real and impactful (more than 500 control system cyber incidents in the electric industry). To date, most of these incidents have not been identified as “cyber” because of lack of identified intent. When reporting and remediating a control system cyber incident, the intent isn’t as important as the impact of […]
Control system cyber incidents in electric and other sectors are frequent, often impactful, but not reported
The electric and nuclear industries have required “incident” disclosure for more than 20 years. The other infrastructure sectors either have no incident disclosure requirements or only recently started such as TSA for pipelines and EPA for water. There is a significant gap between the electric industry’s reported control system cyber incidents and actual control system […]
You can’t protect the unprotectable – our critical infrastructures
Locking the door doesn’t work where there is no door. Unintentional cyber accidents or malicious cyberattacks can cause kinetic damage and there are no cyber forensics, training, or cyber security requirements for addressing these incidents. The TSA Pipeline cyber security requirements (and corresponding requirements for other infrastructure sectors) need to be more control system-focused. That […]
Regarding Dr. Aunshul Rege and her Critical Infrastructure Ransomware Dataset Repository
It has come to my attention of something that many researchers dread – someone else stealing *your* data. Though her dataset repository is free of charge, as well as publicly available, there always are individuals (and corporations) out in the world who feel that publicly-available, openly-available, and freely-available data, although free, belongs to them for […]
Comments to the CISA Cybersecurity Advisory Committee on Process Sensor Cyber Insecurity
The DHS CISA Cybersecurity Advisory Committee held a conference call Thursday, March 31, 2022, that discussed current CISA Cybersecurity Advisory Committee activities and the Government’s ongoing cybersecurity initiatives. The meeting was for the Committee members to hear updates and discuss progress as it relates to the CISA Cybersecurity Advisory Committee’s six subcommittees: (1) Transforming the […]