July 21, 2021 from 1-2pm EDT, I will be participating in a live webinar discussion on mitigating risk in critical infrastructures with Bob Kolasky from DHS CISA and Tim Grieveson from Aveva. The link can be found at https://threatconnect.com/mitigating-cyber-risk-in-critical-infrastructure/.
Category: Unfettered
Sensor monitoring technology can make critical infrastructures less attractive targets for ransomware
Ransomware and other IT-originated cyberattacks can affect control systems when IT networks are connected to OT networks or insecure IOT devices are connected to OT networks. Off-line sensor monitoring technology doesn’t stop a ransomware attack, rather the technology is oblivious to the ransomware or IT attack. The off-line process sensor monitoring can provide real time […]
It may not be possible to recognize a “Cyber Pearl Harbor” as a cyber event
Ransomware attacks will continue to occur as they are so profitable. Unlike control system cyberattacks, network cyberattacks are short-lived as they do not damage critical hardware which is why network cyberattacks are not a “Cyber Pearl Harbor”. Yet that is the government and industry’s focus. For control systems, it is the opposite. When a control […]
Food For Thought: How Hackers Are Using Your Control Systems to Launch Cyberattacks
I did a podcast with Erin Hallstrom of Putman’s Food Processing on the global threat to food safety. The podcast was issued June 25, 2021 – Food For Thought: How Hackers Are Using Your Control Systems to Launch Cyberattacks
July 1st Air Force Cyber College Control System Cyber Security Seminar
July 1, 2021 from 1:00-2:00PM CDT, I will be presenting “Beyond Ransomware – Cyber Security is More than IT” to the US Air Force Cyber College. With the spate of public disclosures about ransomware incidents, why are the Chinese transformer case, SolarWinds impacts on control systems, and other actual control system incidents not being discussed? It […]
What happened at the Taishan Unit 1 nuclear plant in China?
June 14, 2021, CNN reported that the Chinese Taishan Unit 1 EPR nuclear reactor experienced unusual operating conditions. Specifically, Framatome warned of an “imminent radiological threat”. The warning included an accusation that the Chinese safety authority was raising the safety limits for radiation detection limit to avoid having to shut it down. June 16, 2021, […]
Taishan 1 radiological release
CNN is reporting the following: Exclusive: US assessing reported leak at Chinese nuclear power facility Taishan 1 is the first EPR to go commercial. The instrumentation and control systems at Taishan may not have played a role in whatever is occurring. However, I was part of an arbitration hearing between TVO and Siemens/Framatome Because of various […]
TAG Cyber Roundtable interview- “Enough About Data Breaches. Let’s Talk About OT Security”
David Hechler from Tag Cyber hosted a roundtable discussion with Mark Weatherford, who has held a variety of executive-level positions in the public and private sectors, and me on operational technology (OT). The discussions were published in the form of an edited transcript at TAG Cyber Law Journal https://www.cyberinsecuritynews.com/ot-videos. The discussion was called “Enough About […]
June 8th and 9th virtual keynotes to cyber security conferences – gaps between networking and engineering
June 8th, I will be giving a keynote at the Cyber Observatory IOT and ICS conference (https://www.cyberinnovationsummits.com/industrial-cybersecurity-iiot-event/). I also will be participating in an executive roundtable on supply chain. Also on June 8th, I will be on a panel session June 8th and giving a keynote June 9th at the 2021 New York State Cyber […]
Process sensor issues continue to be ignored and are placing the country at extreme risk
A recent NERC Lessons Learned event discussed where a combined cycle power plant in Florida suffered significant load oscillations because a sensor provided erroneous input to the steam turbine controller. The controller reacted by cycling the turbine resulting in 200MW load swings (see Max 737 plane crashes). These oscillations caused a 0.25Hz impact on the […]