Control system cyber impacts are visible – lights go out, pipes leak or break, trains crash, planes crash, etc. However, it is often not evident that cyber played a role. Many times, sophisticated cyber attackers will make a cyberattack look like an equipment malfunction. There have been cyberattacks by Russia and China on US grids […]
Category: General Topic
The need for correct, authenticated pressure measurements for reliability, safety, and cyber security
Correct pressure and other process sensor measurements are necessary for reliability, product quality, maintenance, process safety, and cyber security. These devices can be incorrect for unintentional or malicious reasons. January 13, 2023, Abhishek Sharma published the ISA blog – “The wisdom of correct pressure measurements”. It is a good blog but doesn’t address all of […]
Another case where process sensor monitoring could have prevented a facility shutdown
Canadian Copper Mountain Mining (CMMC) shut down their mill after a December 27th ransomware attack “as a preventative measure to determine the status of its control system, while other processes switched to manual operations”. Off-line process sensor monitoring of the physics system would not be susceptible as neither IT malware nor ransomware could reach the […]
Process sensors are different than IOT and IIOT devices
December 2022, the US Government Accountability Office (GAO) issued Critical Infrastructure Actions Needed to Better Secure Internet-Connected Devices (GAO-23-105327). According to GAO, the scope of the report was governed by a legislative mandate in The Internet of Things Cybersecurity Improvement Act of 2020, which (along with conversations with GAO’s Congressional clients), which dictated the terms […]
Applying IP network guidance has harmed control system field devices and legacy control systems
I continue to be very concerned that both private sector and public sector policy-making organizations (square peg) simply don’t have the control system cyber security technical depth to be making decisions about cybersecurity of control systems (round hole). There have been many documented cases where applying IP network mitigations has caused very significant problems to […]
12th Cyber Security Summit keynote presentation
On October 26th at 8:30 am, I will be giving one of the keynote presentations at the 12th Cyber Security Summit in Minneapolis – https://www.cybersecuritysummit.org/. The title of my presentation is “Narrowing the Gap – A Unilateral Understanding of Engineering and Network Security” or “The risks of cutting corners to put a square peg in a […]
Many OT cyber security experts don’t understand the systems they are trying to secure – the square peg in the round hole
There is an old saying about not forcing a square peg into a round hole. The square peg is IT and OT network security. The round hole is the insecure ICS field device. On September 8, 2022, RSA held the RSAC 365 Virtual Seminar & Innovation Showcase: OT & ICS Security. The session was focused on […]
Finding statistics about APT’s? It’s complicated.
Have been following an email list thread that was generated from a request for statistical information about APT’s (advanced persistent threats). Many of the offers of information were very ransomware and cybercrime oriented. To me such descriptions are not a good fit to address what APT’s are. Thought I would share my contribution to that […]
Windows-based HMIs are too slow for monitoring process sensors or plant equipment anomalies
Process sensors are the input for predictive maintenance, digital transformation, Industry4.0, smart manufacturing, smart grid, etc. The majority of OT networks use Windows-based HMIs even though Windows was not designed to be an engineering data acquisition tool. In a recent plant test, the Windows-based HMI was not effective and, in fact, provided misleading information on […]
Cyberattacks causing kinetic damage are neither new nor uncommon
July 11, 2022, the BBC published an article, “Predatory Sparrow: Who are the hackers who say they started a fire in Iran?” The article states that it’s extremely rare for hackers to cause damage in the physical world. But according to the BBC article, a cyberattack on a steel mill in Iran was a kinetic […]