Iran is aware of electric substation cyber threats and vulnerabilities

Sept. 29, 2021
Mojtaba S. has been a project manager, consultant, and industrial security specialist for the Electric Industry of Iran for the past 8 years. His well-written article, “Detecting Cyber Intrusions in Substation Networks,” demonstrates detailed knowledge of electric substation designs, protocols, and cyber vulnerabilities. Russia compromised a US water system and has been in the U.S. grids since 2014. China has compromised control system supply chains and has installed hardware backdoors in large electric transformers. Iran attacked the Bowman Street Dam in New York and has demonstrated detailed understanding of substation cyber threats. Any thought that Russia, China, and Iran are technically unaware of how to attack US critical infrastructures is clearly misinformed.

Mojtaba S. is a project manager, consultant, and industrial security specialist for the Electric Industry of Iran. His well-written article, “Detecting Cyber Intrusions in Substation Networks,” demonstrates detailed knowledge of electric substation designs, protocols, and cyber vulnerabilities. (His LinkedIn background suggests he has experience in these areas.) The article associates him with Omicron, an international company serving the electric power industry with testing and diagnostic monitoring solutions. Omicron has U.S. offices in Houston and Waltham, Massachusetts.

From LinkedIn, Mojtaba’s background includes:

- “Perfect Expertise in Industrial Control Systems & SCADA stability and cyber-security, particularly in Oil & Gas and Power Grid majors.”
- “Knowledge of Machine/Deep Learning and Anomaly Detection in Smart CPSs/IOT.”
- “Skilled in Data gathering, Vulnerability Management, Risk Assessment, Risk Management and provide the mitigation for both IT and OT.”
- “Strong understanding of various components in the OT ecosystem like OT security Purdue model, LAN–VLAN concepts, Firewalls and Routers, Switches, IDS.”
- “In depth knowledge of industry security frameworks and best practices such as: ISA-99/ IEC-62443, NERC and NIST 800-82.”
- “Experience of common security issues faced and best practices to be followed from a security standpoint.”
- “Good experience of implementing OT Network segmentation, SANS security practices and Nozomi tools.”
- “Direct experience in designing, commissioning, or maintaining SCADA systems, specifically Siemens and KTC (Iranian Brand), YOKOGAWA DCS Systems, Siemens Control Systems (SIMATIC S7-300, 400), Siemens DCS Systems (SPPA-T2000), ABB DCS Systems (Infi90).”
- “Direct experience working with IT & OT network communication protocols like TCP/IP, UDP, Modbus, Profinet, IEC 101, IEC 104, IEC 61850, OPC UA and ability to perform packet analysis.”
- “Expertise in developing and delivering OT/ICS/SCADA security training courses.”

Russia compromised a US water system and has been in the U.S. grids since 2014. China has compromised control system supply chains and has installed hardware backdoors in large electric transformers. Iran attacked the Bowman Street Dam in New York and has demonstrated detailed understanding of substation cyber threats. Any thought that Russia, China, and Iran are technically unaware of how to attack US critical infrastructures is clearly misinformed.

Joe Weiss