Home » RISI reports water/wastewater cyber-incidents up sharply
RISI reports water/wastewater cyber-incidents up sharply
SELLERSVILLE, Pa. – The number of control system security incidents in the water and wastewater industry rose sharply in 2009 according The Security Incidents Organization. The findings were published today in the "2009 Annual Report on Cyber Security Incidents and Trends Affecting Industrial Control Systems."
The report is a detailed analysis of all incidents recorded up to December 31, 2009, in the Repository of Industrial Security Incidents (RISI). RISI is an industry-wide repository for collecting, analyzing and sharing high-value information regarding cyber security incidents that directly affect SCADA, manufacturing and process control systems.
At the time of publication, there were 175 confirmed incidents in the database. The analysis determined where and when the incidents occurred. It also identified the types of incidents and the threat factors that executed them and the methods and techniques used to gain entry. Results achieved versus the results that were attempted and the financial and operational impacts on the "victims" were included as well.
The body of the report provides detailed analyses of the incident data and compares recent data to historical data to identify shifts or trends of interest to the reader. A section of the report is dedicated solely to incidents occurring in 2009, including brief case studies for all incidents reported in during that time. The report also includes, for the first time, an overview of industrial control system vulnerabilities reported in 2009 courtesy of Critical-Intelligence, Inc.
A significant shift has been observed in the incident rates by industry over the past five years. RISI has observed an overall decline in the incident rate in the petroleum and chemical industries (over 80%), but an increase in the incident rate in the water and wastewater (over 300%) and the power and utilities industries (30%).
Despite a decline in recent years, the vast majority of control system cyber security incidents (almost 50%) reported by RISI have been caused by malware, including viruses, worms and trojans. However, incidents involving unauthorized access or sabotage perpetrated by internal sources -- such as a disgruntled former employee or contractor who uses inside knowledge or access privileges to cause harm to the company -- are up considerably in the same time period comparison. Also on the rise are incidents where network anomalies induced failures in control system equipment.
- 05/17/2013 Friday p.m. Wrap-Up:This Week on ControlGlobal and Elsewhere
- 05/16/2013 What's Bad Weather Costing Us?
- 05/16/2013 BP, Shell, Statoil Raided by EC
Invensys' SimSci Suite 2013 Now with More Usability Features
Invensys releases SimSci Suite 2013, a DVD catalogue providing a single source for all of Invensys' current SimSci-Esscor design, operator training, simulation and optimization software
Honeywell Integrates and Certifies FMC722 Subsea Automation Protocol
The integration and certification of these solutions will boost the productivity of oil and gas field operators and engineers
- 05/15/2013 What we can learn about safety from the Titanic hearings
- 05/15/2013 Monsanto Muscatine named 2012 HART Plant of the Year
- 05/14/2013 Siemens gas chromatograph is ISA Product of the Year
- 05/14/2013 IChemE issues call for papers for fall conference
- 05/10/2013 CEO Hogan to leave ABB for private reasons
- All news »
Access the entire print issue on-line and be notified each month via e-mail when your new issue is ready for you. Subscribe today.
- Featured White Papers