Iran attacking critical infrastructures-Cylance report

Dec. 4, 2014

December 2nd, the Cylance report on OpCleaver, Iran attacking critical infrastructures was made public. Unfortunately, the organizations reponsible for protecting our critical infrastructures do not appear to be taking this threat seriously.

December 2nd, the Cylance report on OpCleaver was made public. The report provides details about Iran’s program to attack critical infrastructures. I have been concerned about Iran’s capabilities and intents for several years and have blogged about it in the past. These include articles I have reviewed by an “Iranian engineer” on Stuxnet and Siemens safety systems, articles by Iranian professors on ICS cyber security methodology, and Iran translating Project Shine into Farsi. As an engineer not a threat analyst, I do not know why Iran has chosen to publish some of the articles but I am sure there is a message there. Make no mistake, these articles displayed detailed technical competency. I have expressed my concerns about the Iranian threat in most of my presentations for the past several years because the perceived focus has been on China and Russia. This is not an “I told you so” note. It is a note expressing concern that our critical infrastructure organizations such as NERC, FERC, NRC, NEI, AWWA, and others do not appear to be taking this threat seriously. DHS made the unconscionable mistake of declassifying Aurora in July. Unfortunately, NERC and NRC have not taken any adequate steps to address this targeted threat whose declassified information actually provides a targeted hit list while at the same time DOE won’t even acknowledge Aurora exists. Congress is still gridlocked about passing any legislation which can be good or bad depending on the legislation that may be enacted. Even the recent NIST framework may not be sufficient to address this threat. Nero, in the guise of our critical infrastructure organizations, appears to be fiddling while Rome burns.

Joe Weiss

Sponsored Recommendations

Make Effortless HMI and PLC Modifications from Anywhere

The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...

The Benefits of Using American-Made Automation Products

Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...

50 Years of Automation Innovation and What to Expect Next

Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...

Manufacturing Marvels Highlights Why EZAutomation Is a Force to Be Reckoned With

Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...