Don’t overlook the most consequential control system cyber events of 2020

URL: https://www.controlglobal.com/blogs/unfettered/dont-overlook-the-most-consequential-control-system-cyber-events-of-2020/ Two of the most consequential control system cyber events (attacks) in 2020 were supply chain attacks. The first event was the Chinese installing hardware backdoors in large electric transformers, an incident that prompted Presidential Executive Order (EO) 13920. The hardware backdoors are obvious control system threats. The second event was the Russian SolarWinds […]

The SolarWinds hack can directly affect control systems

A highly sophisticated Russian Intelligence group has compromised the SolarWinds Orion platform which has an estimated 18,000 customers and an unknown but vast number of sites. The SolarWinds advisories and webinars have focused on the IT networks, network visibility, and data exfiltration/compromise. However, SolarWinds is also used to directly monitor and CONTROL SNMP devices including […]

Lack of IoT HVAC control system cyber security and potential real-world impacts

A new IoT valve/actuator from a major HVAC equipment supplier has not only no device security. A further look at the supplier’s catalog shows additional products that communicate using common building insecure communication protocols such as BACnet and Modbus. The ability to remotely control these valves/actuators allows for unauthorized control of a building’s environmental control […]

The Chinese hardware backdoors can cause transformer failures through the load tap changers

As I was reviewing my blogs for a paper I was preparing, I found a nuclear power plant incident involving a station auxiliary transformer load tap changer (LTC) failure. Substation transformers have been acknowledged as the Achilles heel of the electric industry. As a result, the 2015 FAST (Fixing America’s Surface Transportation) Act contained a […]

A critical look at the CSIS Report “Dismissing Cyber Catastrophe”

Jim Lewis is a Sr VP at the Center for Strategic and International Studies (CSIS). He wrote the article “Dismissing Cyber Catastrophe” dated August 17, 2020 – https://www.csis.org/analysis/dismissing-cyber-catastrophe?utm_source=CSIS+All&utm_campaign=e4d5b3e04c-EMAIL_CAMPAIGN_2018_11_08_05_05_COPY_01&utm_medium=email&utm_term=0_f326fc46b6-e4d5b3e04c-221758737 . In ‘Dismissing Cyber Catastrophe,’ Jim argues that concerns about industrial cyber security are overblown and the risk is exaggerated. Because the view that ‘cyber catastrophes’ are […]

Followup: INCOSE Critical Infrastructure Protection and Recovery(CIPR) Conference Call

On Thursday, April 9th, 2020, I gave a presentation to INCOSE Critical Infrastructure Protection and Recovery(CIPR) working group monthly call. With the large attendance, it was evident there was an interesting learning about the critical, but generally not addressed, issues of the engineering aspects of control system cyber security. There was also a common thread […]