Nancy Bartels driving the blogging machine here this morning. I am not by nature an alarmist, and I tend to ignore headlines that say (or imply) "OMG, we're all going to die!" On the other hand, when you smell smoke in the kitchen for longer than a couple of minutes,...
MIT issued the report, "The Future of the Electric Grid – An Interdisciplinary MIT Study." Chapter 9 is "Data Communications, Cybersecurity, and Information Privacy." According to the report, the U.S. should implement standards to reduce the risk of cyber attacks on the electricity grid and should designate one agency responsible...
Nancy Bartels of Control magazine and ControlGlobal.com hijacking Joe's blog here. This story would be funny if it wasn't so scary. Wired magazine has broken the real story (or the latest iteration of the real story). The link is here. So it wasn't evil hackers from Russia after all.
My blog on the Illinois water hack was directly based on a formal disclosure announcement by the Illinois State Terrorism and Intelligence Center - STIC (Note: My blog did not identify the state involved. That disclosure came from DHS).
Per the WaterISAC portal, the WaterISAC (Information Sharing and Analysis Center) is a community of water sector professionals who share a common purpose: to protect public health and the environment. The WaterISAC provides email notifications about threats and any incidents demanding immediate attention.
There is a perception that control systems, including field devices, have cyber forensic capabilities similar to those of IT systems. That perception is wrong. A control system generally has a Microsoft front-end human-machine interface (HMI) that should have adequate cyber forensics.
In a blog post on October 18 (now removed) I posted some things I regret about Erfan Ibrahim's remarks at the IEEE Electric Grid Modernization Workshop last week. I apologize to both Mr. Ibrahim and to my readers.