There have been more than 130 control system cyber incidents in water/wastewater utilities. Like Oldsmar and Discovery Bay, most of these incidents have occurred in small water utilities. Many of these incidents were not publicly disclosed, nor were the utilities required to disclose these incidents. When the Oldsmar water “hack” was publicized, a water system […]
Category: General Topic
Differences between IT and control system cyber incidents in maritime
Researchers at NHL Stenden University of Applied Sciences in the Netherlands have launched the Maritime Cyber Attack Database (MCAD). MCAD includes information on over 160 cyber incidents in the maritime industry. When compared to my database of control system cyber incidents, the MCAD database was missing the cases where control system cyber-related incidents caused physical […]
“Chattinn Cyber” with Marsh’s Marc Schein on critical infrastructure cyber security
Marc Schein is the Northeast Cyber Champion for Marsh & McLennan (insurance). Marc has spoken before members of Congress and leaders in the Aviation Industry on Capitol Hill regarding the issues and costs of cyber breaches, and how to properly transfer risk to ensure that an organization or business is properly protected from what might […]
How can you do incident response if you can’t recognize an incident?
Cyber incident response starts with the assumption that you can recognize a control system cyber-related event as being a cyber event. Globally, there have been more than 17 million control system cyber incidents that have killed more than 34,000 yet most of the incidents were not identified as being cyber-related. There is no training for […]
The Forgotten Part of Network Segmentation
If you’ve been wondering about OT network segmentation, read this.
Florida city water cyber incident allegedly caused by employee error
The Oldsmar, Florida, water treatment plant was the target of a cyberattack in 2021, which raised concerns about the cyber vulnerability of crucial infrastructure. Reports at the time claimed that a worker at the company witnessed his computer being accessed and managed remotely. The amount of sodium hydroxide, also known as lye, in the water […]
State of ICS Cybersecurity and Critical Infrastructure: Half empty, Half full, or Stay Focused on the Quest?
A colleague recently expressed some dismay over the lack of progress in ICS cybersecurity in the past 20 years. He has a point, but I had to respond. Below is a copy of my response and hope it will be taken as something “for the good of the Order”. “Yeah I hear ya, but the […]
Impressions of the U.S. National Cybersecurity Strategy of 2023
Was busy at a resilience workshop in Germany last week when the buzz started to peak about the release of the latest version of the U.S. National Cybersecurity Strategy[1]. As someone who headed task forces to prepare the first Military Defence Strategy (2000) and first National Defense System Cybersecurity Strategy (2009) of Lithuania and served […]
The National Cybersecurity Strategy fails to address fundamental control system and critical infrastructure issues
In May 1998, Presidential Decision Directive (PDD) 63 mandated the cyber security of critical infrastructures be implemented by May 2003. Twenty years and multiple PDDs and Presidential Executive Orders later, the government agencies responsible for securing the critical infrastructures are still failing to adequately address the issues that can cripple our country and its critical […]
FUD is not helpful but running into a Cyberg is far worse.
In the beginning of March on Linkedin there was some discussion of FUD and some advice for vendors and consultants. I quote: „FUD is not helpful. 1) Avoid words & phrases like “Sophisticated Attack” or “Nation-State” if you are a vendor / consultant trying to build a business case with asset owners. 2) Please double […]