Control system cyber incidents are more common and dangerous than most security specialists and industry leaders tend to believe. They are also hidden in plain sight. That requires some explanation.
I have been amassing a database of control system cyber incidents since 2000 when I helped start the control system cyber security program for electric utilities. When I started, the purpose of the database was to: Show that control system cyber incidents are real and not insignificant in number.
Show that most of the incidents are common across multiple sectors.
Provide input for training engineers and networking personnel as to what to look for as control system cyber incidents are more than just Internet Protocol (IP) network anomalies. Identify if cyber security mitigation technologies can address actual incidents. Use in the design of new control systems to assure that unintentional or malicious threats are being addressed. […]
