Significant ICS cyber security incidents continue to occur – some without known causes

Jan. 2, 2013
In the IT community, a worst case scenario is denial-of-service. In the ICS community, a worst case scenario is loss of control/loss of view. Enclosed are some recent cases of loss of control/loss of view involving four different major ICS suppliers, each without a known cause.


Almost a year ago, an international utility sent a LinkedIn note asking for help on a VERY significant ICS cyber incident: total loss of view and control of 2 large power plants during operation. The request was made because the utility could not get an acceptable response from its plant distributed control system (DCS) supplier (Vendor A) and wanted to know if anyone else had experienced a similar situation. At the October 2012 ICS Cyber Security Conference, another utility gave a presentation on an ICS cyber security incident during the commissioning of its new plant DCS. In this case, they also experienced loss of view and loss of control. Even with DCS vendor personnel on-site, they were not able to rectify the problem or get an explanation from their DCS vendor (Vendor B) as to what caused the incident. Another end-user sent a note asking for help because they experienced loss of view and loss of control of their ICS while the facility was operating (Vendor C). Still another had a problem with their PC-based ICS (Vendor D) being occasionally unable to see other PCs on the network and losing communications with important field I/O.

There are a number of issues and observations:
- These are loss of view/loss of control incidents, not traditional denial-of-service
- Incidents were independent of any specific ICS vendor
- Lack of understanding of what caused the problems
- Lack of guidance on how to respond to these problems
- Lack of adequate response from the ICS suppliers
- Need to share information on very significant ICS cyber incidents


If any readers have had similar incidents, please contact me at [email protected]. I will keep all information confidential and would be willing to share the information I have collected on a "give to get" basis. We will discuss these issues at the next 2013 ICS Cyber Security Conference.
Joe Weiss

About the Author

Joe Weiss | Cybersecurity Contributor

Joe Weiss P.E., CISM, is managing partner of Applied Control Solutions, LLC, in Cupertino, CA. Formerly of KEMA and EPRI, Joe is an international authority on cybersecurity. You can contact him at [email protected]
