May 12, 2025
Control system field devices have no cyber security, authentication, or cyber forensics. These devices were orphaned from cybersecurity programs as OT networks became the focus of cybersecurity programs and the RSA Cybersecurity Conference. At RSA, there were numerous discussions about network cybersecurity threats from Russia, China, and Iran, as well as on the latest APTs. There were panel sessions and presentations on OT and critical infrastructures, but no discussions about control system field devices. There were no discussions about control system cyber incidents, whether malicious or unintentional. Yet there have been more than 17 million malicious and unintentional control system cyber incidents across all sectors globally that have killed more than 30,000 people. The vast majority were not identified as cyber-related but as “glitches,” because they were not IP network-related incidents.

There were discussions about Chinese “typhoon” cyberattacks but no discussions of hardware backdoors in large Chinese-made electric power transformers that bypassed OT networks. The control system cybersecurity gap extended to a presentation given by the Food and Ag-ISAC on the increase in ransomware incidents. Meanwhile, in August 2023 (indictment filed in April 2025), a former employee of a poultry cleaning service altered levels of peracetic acid and sodium hydroxide at a poultry processing facility while disabling safety alarms and redirecting notification emails. This cyberattack was not carried out by a nation-state, but it could put the US food pipeline at risk, and it was not addressed.

Russia, China, and Iran are aware of the cybersecurity gaps between OT networks and control system field devices and are exploiting these gaps, knowing the cyber defenders are not looking. We need appropriate control system cybersecurity training for both the network and engineering/operations organizations to identify when control system incidents are cyber-related.