Cyber incidents down for petrochemicals, up for water/wastewater #pauto

Here's the summary of the latest RISI incident report:


 SELLERSVILLE, PA (March 29, 2010) – The number of control system security incidents in the water & wastewater industry rose sharply in 2009 according The Security Incidents Organization.  The findings were published today in the 2009 Annual Report on Cyber Security Incidents and Trends Affecting Industrial Control Systems.  
 The report is a detailed analysis of all incidents recorded up to December 31, 2009 in the Repository of Industrial Security Incidents (RISI).  RISI is an industry-wide repository for collecting, analyzing, and sharing high-value information regarding cyber security incidents that directly affect SCADA, manufacturing, and process control systems.
At the time of publication, there were 175 confirmed incidents in the database. The analysis determined where and when the incidents occurred. It also identified the types of incidents and the threat factors that executed them, the methods and techniques used to gain entry.  Results achieved versus the results that were attempted and the financial and operational impacts on the “victims” were included as well.
 The body of the report provides detailed analyses of the incident data and compares recent data to historical data to identify shifts or trends of interest to the reader.  A section of the report is dedicated solely to incidents occurring in 2009, including brief case studies for all incidents reported in during that time.  The report also includes, for the first time, an overview of industrial control system vulnerabilities reported in 2009 courtesy of Critical-Intelligence, Inc.
A significant shift has been observed in the incident rates by industry over the past five years.  RISI has observed an overall decline in the incident rate in the petroleum and chemical industries (over 80%), but an increase in the incident rate in the water & wastewater (over 300%) and the power & utilities industries (30%). 
Despite a decline in recent years, the vast majority of control system cyber security incidents (almost 50%) reported by RISI have been caused by malware, including viruses, worms and trojans.  However, incidents involving unauthorized access or sabotage perpetrated by internal sources -- such as a disgruntled former employee or contractor who uses inside knowledge or access privileges to cause harm to the company -- are up considerably in the same time period comparison.  Also on the rise are incidents where network anomalies induced failures in control system equipment.   

Show Comments
Hide Comments

Join the discussion

We welcome your thoughtful comments.
All comments will display your user name.

Want to participate in the discussion?

Register for free

Log in for complete access.


  • <p> Of the incidents that are known, how many are water from year to year, how many are energy from year to year, how many are petrochemical from year to year? </p> <p> It seems to me that we're approaching the noise of quantum events.  Saying that something goes up or down 30% is almost meaningless if you only have a handful of events like this per year.   </p>


  • <p> I must admit that it crossed my mind about three or four times writing pretty much the same that our trusty ab3a just said. I hesitated, but I'm glad somebody else brought up the concern. </p> <p> Anyone with a background in statistics will raise an eyebrow or two when reading about trends and developments in a sample that is lightyears away from being representative. </p>


RSS feed for comments on this page | RSS feed for all comments