CT-Update-Sample-400

A brief history of ICS Cyber Security

Dec. 11, 2017

The November 2017 Issue of Control magazine had a section entitled “Serious cybersecurity sources”.  In it, they included Unfettered and mentioned it being 10 years old. This got me thinking about a timeline of important ICS cyber security first-of-a-kind events. 

The November 2017 Issue of Control magazine had a section entitled “Serious cybersecurity sources”.  In it, they included Unfettered and mentioned it being 10 years old. This got me thinking about a timeline of important ICS cyber security first-of-a-kind events. As my database has identified more than 1,000 ICS cyber incidents, I have not included most of the incidents. There are obviously many other important events and I encourage others to fill those in:

1982

- Gasprom explosion - first nation-state “electronic” attack

1998

- PDD63 - critical infrastructure cyber security

- DOE vulnerability assessments provide initial findings of utility ICS cyber vulnerabilities

1999

- AGA Gas SCADA encryption program - identified cyber as a threat

2000

- EPRI Enterprise Infrastructure Security Program (ICS cyber security) - started ICS cyber security incident database to support EIS program

- Maroochyshire (Austrailia) - first publicly identified targeted ICS cyber attack with damage

2001

- NIST Process Controls Security Requirements Forum (PCSRF)

- 9/11 - changed ICS cyber security by effectively transferring ICS cyber security to IT

2002

- KEMA ICS Cyber Security Conference - first ICS cyber security conference (became ACS ICS Cyber Security Conference-“weisscon” in 2007 then became SecurityWeek ICS Cyber Security Conference in 2014)

- ISA99

- NERC CIP process

- Chemical sector cyber security team

2003

- First ISA 99 documents

- Slammer and Blaster worms affected many ICSs including Davis Besse nuclear plant

- NorthEast blackout (cyber-related)

2004

- INL SCADA Test Bed opens with ICS cyber hacking demonstration

- SCADA hack disables electric utility SCADA

2007

- Started Unfettered

- INL Aurora test

2010

- Book: Protecting Industrial Control Systems from Electronic Threats;

- Stuxnet discovered/ Ralph Langner presentation

2011

- NIST SP800-82

2012

- Project Shine findings report (identified ICSs connected to the Internet)

2014

- DHS declassified Aurora

2015

- DHS identifies BlackEnergy as being in US grids since 2014

2016

- National Academy of Science, Engineering, and Medicine keynote

2017

- Identification of lack of security of Level 0,1 devices (new ISA working group established)

Joe Weiss

Like this blog post? Sign up for the Control Update newsletter and get posts like this delivered right to your inbox.