Control System Cyber Incidents Are Real and Current Prevention and Mitigation Strategies Are Not Working

Jan. 19, 2022
There have been almost 12 million control system cyber incidents globally across all sectors resulting in more than 1,500 deaths, and more than $90BillionUS in direct damage. Our article, “Control System Cyber Incidents Are Real—and Current Prevention and Mitigation Strategies Are Not Working”, has been published in the January issue of IEEE Computer magazine. This article adds focus to the January 5th IEEE-led meeting on the lack of cyber security in process sensors in any industry cyber security standard. Additionally, the NATO article, “Guide for Protecting Industrial Automation and Control Systems Against Cyber Incidents” by Vytautas Butrimas also focused on control systems. Compare these control system efforts to US critical infrastructure protection efforts which have not addressed the unique aspects of insecure control system devices. Now recognize that Russia, China, Iran, and others are aware of these shortcomings. Hopefully, we will respond accordingly. 

Control system cyber incidents are real and damaging

There have been almost 12 million control system cyber incidents globally across all sectors resulting in more than 1,500 deaths, and more than $90BillionUS in direct damage.

Current prevention and mitigation strategies are not working

Our article, “Control System Cyber Incidents Are Real—and Current Prevention and Mitigation Strategies Are Not Working”, has been published in the January issue of IEEE Computer magazine (https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=9681670 ). This article adds focus to the January 5th IEEE-led meeting on the lack of cyber security in process sensors in any industry cyber security standard (https://www.controlglobal.com/blogs/unfettered/cross-industry-meeting-to-address-the-gap-in-process-sensor-cyber-security-and-process-safety). Additionally, the NATO article, “Guide for Protecting Industrial Automation and Control Systems Against Cyber Incidents” by Vytautas Butrimas (https://enseccoe.org/data/public/uploads/2022/01/d2_guide-for-protecting-against-cyber-incidents-in-iacs-cei.pdf) also focused on control systems. The NATO guide provides an analysis of technology-based threats, both intentional and unintentional, to the safety, reliability, resilience and performance of critical energy infrastructure and how cyber risks to the technologies used to monitor and control physical processes in CEI can be addressed.

Compare these control system efforts to US critical infrastructure protection efforts which have not addressed the unique aspects of insecure control system devices. Now recognize that Russia, China, Iran, and others are aware of these shortcomings. We have a chance to improve cyber security, safety, and resilience of the critical infrastructures. Hopefully, we will respond accordingly.

Joe Weiss

Sponsored Recommendations

Make Effortless HMI and PLC Modifications from Anywhere

The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...

The Benefits of Using American-Made Automation Products

Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...

50 Years of Automation Innovation and What to Expect Next

Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...

Manufacturing Marvels Highlights Why EZAutomation Is a Force to Be Reckoned With

Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...