Home

A brief history of ICS Cyber Security

Dec. 11, 2017

The November 2017 Issue of Control magazine had a section entitled “Serious cybersecurity sources”. In it, they included Unfettered and mentioned it being 10 years old. This got me thinking about a timeline of important ICS cyber security first-of-a-kind events. As my database has identified more than 1,000 ICS cyber incidents, I have not included most of the incidents. There are obviously many other important events and I encourage others to fill those in:

1982

- Gasprom explosion - first nation-state “electronic” attack

1998

- PDD63 - critical infrastructure cyber security

- DOE vulnerability assessments provide initial findings of utility ICS cyber vulnerabilities

1999

- AGA Gas SCADA encryption program - identified cyber as a threat

2000

- EPRI Enterprise Infrastructure Security Program (ICS cyber security) - started ICS cyber security incident database to support EIS program

- Maroochyshire (Austrailia) - first publicly identified targeted ICS cyber attack with damage

2001

- NIST Process Controls Security Requirements Forum (PCSRF)

- 9/11 - changed ICS cyber security by effectively transferring ICS cyber security to IT

2002

- KEMA ICS Cyber Security Conference - first ICS cyber security conference (became ACS ICS Cyber Security Conference-“weisscon” in 2007 then became SecurityWeek ICS Cyber Security Conference in 2014)

- ISA99

- NERC CIP process

- Chemical sector cyber security team

2003

- First ISA 99 documents

- Slammer and Blaster worms affected many ICSs including Davis Besse nuclear plant

- NorthEast blackout (cyber-related)

2004

- INL SCADA Test Bed opens with ICS cyber hacking demonstration

- SCADA hack disables electric utility SCADA

2007

- Started Unfettered