Control Systems Cybersecurity Expert, Joseph M. Weiss, is an international authority on cybersecurity, control systems and system security. Weiss weighs in on cybersecurity, science and technology, security emerging threats and more.
February 21st, 2017, CBS television had an NCIS episode that featured the Aurora vulnerability. The Aurora event that was depicted on the program had many of the misconceptions that are prevalent to this day. That is, Aurora is malware and only affects diesel generators.
The 2017 RSA Security Conference had more discussions of ICS cyber security which is important as RSA is the mainstream of cyber security. On the other hand, some of the discussions were misleading with some speakers unaware of control system issues – an all too common problem.
The process industry initiative to develop a standards-based, secure-by-design control system is getting interest from many different industry sectors. Unfortunately, there are no electric utilities participating. February 28th, I will be participating in a webinar with the ExxonMobil Chief Engineer to discuss the initiative and what it means to power...
PG&E is now a convicted felon, fined $3Million, and required to have a monitor for their natural gas operations (beyond the oversite of the CPUC). Additionally, the judge ordered PG&E to serve five years of probation, and PG&E must run a three month advertising campaign on television publicizing PG&E’s convictions.
January 11-13, 2017, Texas A&M held the first Cybersecurity of Critical Infrastructure Summit for Energy and Manufacturing - https://cybersecurity.tamu.edu/cybersummit2017. I believe this Conference showed that, with understanding, there is a desire to address ICS cyber security issues.
Unintended consequence of control system cyber issues have resulted in significant injuries and deaths in medical devices. Just like industrial applications, the root causes were not identified for months to years.
December 30, 2016, the Washington Post broke the story: “Russian hackers penetrated U.S. electricity grid through a utility in Vermont, U.S. officials say”. There are numerous questions and concerns that arise from this story as malware has been in the US electric grids since at least 2014.
In early 2016, ExxonMobil approached The Open Group to initiate a new open standards activity for a standards based, secure control system. From March to September 2016, ExxonMobil and staff of The Open Group established a “coalition of the willing” comprising end-users in the process control industries and their key suppliers.