Mojtaba S. is a project manager, consultant, and industrial security specialist for the Electric Industry of Iran. His well-written article, "Detecting Cyber Intrusions in Substation Networks," demonstrates detailed knowledge of electric substation designs, protocols, and cyber vulnerabilities. (His LinkedIn background suggests he has experience in these areas.) The article associates him with Omicron. Omicron is an international company serving the electric power industry with testing as well as diagnostic monitoring solutions. Omicron has U.S. offices in Houston and Waltham, Massachusetts.
From LinkedIn, Mojtaba's background includes:
- "Perfect Expertise in Industrial Control Systems & SCADA stability and cyber-security, particularly in Oil & Gas and Power Grid majors."
- "Knowledge of Machine/Deep Learning and, Anomaly Detection in Smart CPSs/IOT."
- "Skilled in Data gathering, Vulnerability Management, Risk Assessment, Risk Management and provide the mitigation for both IT and OT."
- "Strong understanding various component in the OT ecosystem like OT security Purdue model, LAN-VLAN concepts, Firewalls and Routers, Switches, IDS."
- "In depth knowledge of industry security frameworks and best practices such as: ISA-99/ IEC-62443, NERC and NIST 800-82."
- "Experience of common security issues faced and best practices to be followed from a security standpoint."
- "Good experience of implementing OT Network segmentation, SANS security practices and Nozomi tools."
- "Direct experience in designing, commissioning, or maintaining SCADA systems, specifically Siemens and KTC (Iranian Brand), YOKOGAWA DCS Systems, Siemens Control Systems.(SIMATIC S7-300,400), Siemens DCS Systems (SPPA-T2000), ABB DCS Systems (Infi90)."
- "Direct experience working with IT & OT network communication protocols like TCP/IP, UDP, Modbus, Profinet, IEC 101, IEC 104, IEC 61850, OPC UA and ability to perform packet analysis."
- "Expertise in developing and delivering OT/ICS/SCADA security training courses."
Russia compromised a US water system and has been in the U.S. grids since 2014. China has compromised control system supply chains and has installed hardware backdoors in large electric transformers. Iran attacked the Bowman Street Dam in New York and has demonstrated detailed understanding of substation cyber threats. Any thought that Russia, China, and Iran are technically unaware of how to attack the US critical infrastructures is clearly misinformed.
Joe Weiss