Targeted control system cyber attacks - not when, but how much damage

March 21, 2017

Targeted control system cyber attacks have been identified in many countries; they include destruction of centrifuges, damage to a blast furnace, loss of fuel loading, tilting of an off-shore oil rig, and significant environmental discharges. However, there has been almost no public identification by the US government or NERC of control system cyber attacks in the US, despite the fact that targeted control system cyber attacks have occurred in US critical infrastructures with attendant damage.

There have been many stories about cyber vulnerabilities of critical infrastructure with the tagline – not if, but when. However, there already have been many targeted cyber attacks against critical infrastructures by attackers ranging from disgruntled individuals to nation-states. Targeted control system cyber attacks (this does not include general viruses and worms that were not targeting control systems) result in loss of view and/or loss of control, and have affected electric power transmission and distribution systems, fossil power plants, nuclear power plants, hydro facilities, wind and water turbines, water/wastewater systems, vehicles, trains, transportation systems, fuel facilities, manufacturing, medical facilities, chemical plants, oil facilities including off-shore oil platforms, food/beverage, paper/pulp, and others.

Targeted control system cyber attacks have been identified in Australia, Brazil, Canada, China, France, Germany, Iran, Israel, Lithuania, Netherlands, Poland, Qatar, Russia, Saudi Arabia, South Korea, UK, Ukraine, and Venezuela. Examples of targeted ICS cyber attacks internationally include destruction of centrifuges, damage to a blast furnace, loss of fuel loading, tilting of an off-shore oil rig, and significant environmental discharges. However, there has been almost no public identification by the US government or NERC of control system cyber attacks in the US, despite the fact that targeted control system cyber attacks have occurred in US critical infrastructures with attendant damage. Examples of targeted ICS cyber attacks in the US include loss of electric and water SCADA, damage to manufacturing lines, shutdown of HVAC systems, and damage to facility equipment including critical motors.

As identified in the Defense Science Board Task Force on Cyber Deterrence report issued in February 2017, critical infrastructures are vulnerable to cyber attacks. Consequently, there is a need to actively pursue a series of mitigations that include removing critical control systems from the Internet (see DHS ICS Monitor May/June 2015 recommendations), ensuring that updates are performed in a secure and documented manner, and minimizing insider threats by making the systems unavailable to all but trusted users. Additionally, there is a need to focus on resilience and recovery, as malware is already in many control system networks.

Joe Weiss
