After having done the analysis of the Bellingham, WA Olympic Pipeline rupture that killed 3 people for NIST, I expected the Colonial Pipeline hack to be an OT incident affecting the SCADA system and potentially causing pipe leaks or pipe ruptures. However, that does not appear to be the issue in this case. Darkside’s malware […]
Category: Policy
Control system cyber incidents are much more plentiful than people realize
Control systems are systems of systems. Consequently, when one device or system is compromised, it can impact many others, potentially numbered in the tens to thousands. If I were to have counted all of the individual cases, my database would have almost 12 million control system cyber incidents. The insurance industry and credit rating agencies […]
Are your buildings and cloud cyber secure?
Many data centers that support the cloud as well as commercial buildings have not adequately addressed control system cyber security. The lack of adequately addressing building control system cyber security was demonstrated to have caused very significant financial and potentially safety impacts. When you consider these control system cyber threats can affect multiple buildings, the […]
A Reality Check of the DOE 100-Day Plan to Address Cybersecurity Risks to the US Electric System
I am happy to see ICS cyber security specifically being addressed by the US Secretary of Energy. It is “unobtainium” to secure the electric system, or any other industry which uses the same equipment, within 100 days even though there can be a good start. Network cyber threat prevention and situational awareness can be employed […]
Enough About Data Breaches. Let’s Talk About OT Security – TAG Cyber
Tag Cyber moderated a roundtable discussion with Mark Weatherford and me on control system cybersecurity. The discussion was why operational technology (OT) is woefully neglected—and what can be done to change that. This discussion becomes even more timely with the recent DOE 100-Day Plan to Address Cybersecurity Risks to the US Electric System. The roundtable […]
Lack of security at Level 0/1: problem of awareness or unwillingness to change priorities?
To be honest I was planning to write about unintentional cyber incidents in critical infrastructure and the need to pull away some of our attention from the sexy topic of cyber-attacks and cyber kill-chains. I changed my mind when I read Dale Peterson’s informative article on “Awareness Of Purdue Level 0 and 1 (In)Security” and […]
Observations from 2021 SANS ICS Cyber Security Conference
The 2021 SANS ICS Cyber Security Conference was held March 4-5, 2021 with almost 9,000 registrants globally. The Conference thoroughly addressed OT networking issues. However, cyber security issues associated with Level 0,1 devices were not as adequately understood and addressed. There was also almost no discussion of the hardware backdoors in the Chinese-made transformers. My […]
Texas power outages demonstrate grid cyber vulnerability and inadequacy of existing regulations
Recent Texas power outages and the loss of both electricity and water across Texas demonstrate how vulnerable ERCOT and Texas are to not only natural disasters such as snowstorms and hurricanes but also manmade and malicious activities. More than that, it also demonstrates the vulnerability of the entire U.S. Energy grid. The good news is […]
Don’t overlook the most consequential control system cyber events of 2020
URL: https://www.controlglobal.com/blogs/unfettered/dont-overlook-the-most-consequential-control-system-cyber-events-of-2020/ Two of the most consequential control system cyber events (attacks) in 2020 were supply chain attacks. The first event was the Chinese installing hardware backdoors in large electric transformers, an incident that prompted Presidential Executive Order (EO) 13920. The hardware backdoors are obvious control system threats. The second event was the Russian SolarWinds […]
What would Sun Tzu and Louis Pasteur say about today’s industrial cybersecurity?
Have been following the discussions on industrial cybersecurity, convergence, network vs device security, and IT vs OT vs ICS[2]. Some of the points of view differ greatly on what needs to be done. This lack of consensus indicates that something may be wrong with our assumptions and our approach. A disturbing lack progress being […]