Mojtaba S. is a project manager, consultant, and industrial security specialist for the Electric Industry of Iran for the past 8 years. His well-written article, “Detecting Cyber Intrusions in Substation Networks,” demonstrates detailed knowledge of electric substation designs, protocols, and cyber vulnerabilities. Russia compromised a US water system and has been in the U.S. grids since […]
Formal response to FERC Complaint EL21-99-000 on Chinese equipment in the US grid
September 13, 2021, I submitted my response to the FERC Complaint EL21-99-000 on the use of Chinese-made equipment for critical equipment used in the US grid. The equipment identified can be used in many other critical infrastructures such as water/wastewater, pipelines, oil/gas, and manufacturing. – https://www.controlglobal.com/blogs/unfettered/formal-response-to-ferc-complaint-el21-99-000-on-chinese-equipment-in-the-us-grid
Who’s Who in Cybersecurity
I have recently been honored with being accepted into the Top Cyber News Magazine’s “Who’s Who in Cybersecurity”. If you have a LinkedIn account, please following this URL: https://www.linkedin.com/feed/hashtag/?keywords=topcybernews
Do the Chinese “own” our electric grids and other infrastructures?
The national focus on cyber security has been on data breaches including ransomware which is what precipitated the August 25, 2021, White House Cyber security meeting. For IT networks, the focus on data breaches is sufficient. However, the real concern for critical infrastructures is not data breach but equipment damage that can cause very extended […]
World Federation of Scientists (WFS) Permanent Monitoring Panel – Mitigation of Catastrophic Risk
August 24th, 2021, I will be on an Engineering Infrastructure Resilience Panel discussing Cyber-Physical Security of Critical Infrastructures – Catastrophic Risks and Mitigation Strategies. Panelists will include Walter Grayman, Ali Mosleh from UCLA, Shaikha Al-Sanad from the Kuwait Institute for Scientific Research, Andrew Ohrt from West Yost, John Organek from the EIS Council, and myself. […]
Don’t Wait For Government To Enforce Security
Everyone remembers the ugly days following the large ransomware attack on the Colonial Pipeline’s IT infrastructure. Most security experts who know anything about the oil and gas pipeline industry were not surprised. While there were/are recommended security practices from the Transportation Security Agency (TSA), there is no formal regulation of any sort for oil and […]
US critical infrastructure cyber security is backwards – it’s the process that counts not the data
With the never-ending, and too often successful, attacks on critical infrastructure networks, there needs to be a better way to protect control systems and the processes they monitor and control. The fallacy about critical infrastructure cybersecurity is that the Internet Protocol (IP) networks are needed to keep lights on, water flowing, etc. July 28, 2021, […]
Sometimes giving a speech is better than issuing a memorandum
“I believe that this nation should commit itself to achieving the goal, before this decade is out, of landing a man on the moon and returning him safely to the earth. No single space project in this period will be more impressive to mankind, or more important for the long-range exploration of space; and none […]
Results from ThreatConnect webinar on mitigating risks in critical infrastructures and on-going actual risks
July 21, 2021, I participated in a live webinar discussion, hosted by ThreatConnect’s Dan Verton, on mitigating risk in critical infrastructures with Bob Kolasky from DHS CISA and Tim Grieveson from Aveva. The webinar link can be found at ThreatConnect Podcast Ep. 21: Mitigating Cyber Risk in Critical Infrastructures I met Dan in 2001 when […]