Why are unintentional ICS cyber incidents important to address
- They can cause significant impacts. There have already been four unintentional control system cyber incidents in the US that caused major damage and killed people.
- It may not be possible to tell the difference between a malicious attack versus an unintentional incident. As an example, the only difference between 2008 Florida Outage being a malicious attack versus an unintentional incident was the motivation of the engineer in the substation in removing all equipment protection?
- An unintentional incident can make a system less robust making it easier to attack
The following actual case best explains the situation: Engineers at a major brewery thought the company's bottling systems were secured until someone with access logged in and inadvertently changed a timer for a maintenance device on a bottle filler. It was supposed to squirt grease into the bearing every 20 minutes but was changed to once every 8 hours. The bearing soon froze. The line that filled 1,200 bottles/minute ground to a halt creating a $100,000 loss. The plant engineer stated: "With well-intentioned engineers monkeying around in the automation system, who needs terrorists or disgruntled employees?"