Control Systems Cybersecurity Expert, Joseph M. Weiss, is an international authority on cybersecurity, control systems and system security. Weiss weighs in on cybersecurity, science and technology, security emerging threats and more.
Tuesday June 13, 2017 I am giving a paper/presentation at the American Nuclear Society Conference in San Francisco on “The Implications of the Ukrainian Cyber Attacks to Nuclear Plants”. The paper will focus on the impact of compromising protective relays but will also touch on the cyber insecurity of process sensing.
The assumption that network anomaly detection is correlated to physical process anomalies is only true if there is a direct look into the “raw” process. However, network anomaly detection cannot address potential sensor anomalies that occur before the serial-to-Ethernet convertors leading to a false sense of security.
DoS is typically accomplished by flooding the targeted machine to overload systems and prevent some or all legitimate requests from being fulfilled. However, it does not matter if the service/system is shutdown by the attacker or by the end-user in response to the attacker– the system is still shut down.
Hopefully, the book Warning- Finding Cassandras to Stop Catastrophes can reach the appropriate decision makers to help move the needle on cyber securing the control systems in our commercial and industrial infrastructures.
The April 21, 2017, San Francisco outage should raise red flags at DOE, FERC and NERC about how they classify Critical Infrastructure and Key Resources (CIKR) and Bulk Electric System (BES) assets. This outage emphatically points out that system reliability, the definition ofkey facilities, and economic impact should be considered...
Failure or compromise of Level 1 devices can, and have, resulted in major catastrophic failures. Consequently, there needs to be more focus on securing and having situational awareness of Level 1 devices. Securing Level 1 devices requires an understanding of the devices and processes.