
Joseph Weiss
Managing Partner, Applied Control Solutions

40+ years in industrial instrumentation, controls, and automation. 20+ years in cyber security of industrial control systems. Authored Protecting Industrial Control Systems from Electronic Threats...

  • Nov 19, 2022

Control system cyber incidents are more plentiful and impactful than most observers expect - more than 17 million directly resulting in more than 34,000 deaths. Most of the incidents were engineering-based cyberattacks used to camouflage a deficiency in the design of the product or to cause physical damage. The engineering-based cyberattacks did not involve the Internet, Windows, or OT networks to carry out the attacks. Consequently, these incidents were not identifiable by network cyber forensics and would not fall under the Chief Information Security Officer's (CISO) domain. This means most of these incidents would not be addressed by existing government and industry cyber security guidance, nor make their way to the Boards as cyber events. While there have been more than 1,200 electric grid cyber-related incidents, that number doesn’t adequately reflect the true impact on customers and the economy, as some of the cyber-related outages have affected tens of millions of people. In addition, the diesel cheat scandal lays bare the philosophical differences in how offensive cyber attackers and cyber defenders approach cyber security. The impacts from the diesel cheat scandal were huge: more than $35 billion in damages, and several people went to jail. Yet many defenders would not consider these to be malicious cyberattacks because they weren’t the type of attacks they were expecting. Until the OT network-focused regulators and practitioners are willing to address engineering-based incidents and attacks, critical infrastructures cannot be secured. Recommendations are provided to address the gaps in control system cyber security monitoring and control system cyber incident disclosure, as existing disclosure requirements are geared toward vulnerabilities, not incidents. It is also evident that monitoring the process sensor signals at the physics layer would have identified most of the incidents regardless of cause.

Discussions
Mark Silverstone on Nov 21, 2022

«Control system cyber incidents are more plentiful and impactful than most observers expect - more than 17 million directly resulting in more than 34,000 deaths.»


These figures certainly get our attention. But it is difficult to understand what these incidents are.

Perhaps you could please provide some detail regarding the 34,000 deaths? Were they mostly due to emissions due to cyber incidents?

What is a worst case scenario for a series of related cyber incidents that you investigated?

Jim Stack on Nov 21, 2022

What is the time period of these incidents and deaths? 

Who is working to resolve these? 

What progress have we made on these?
