My blog on the Illinois water hack was directly based on a formal disclosure announcement by the Illinois State Terrorism and Intelligence Center - STIC (Note: My blog did not identify the state involved. That disclosure came from DHS). The STIC disclosure was made on November 10; my blog was on November 17 after numerous water organizations told me they were unaware of the disclosure.

Per the WaterISAC portal, the WaterISAC (Information Sharing and Analysis Center) is a community of water sector professionals who share a common purpose: to protect public health and the environment. The WaterISAC provides email notifications about threats and any incidents demanding immediate attention. Consequently, one of the driving reasons for writing the blog on the Illinois water system hack Thursday was the WaterISAC had not yet notified the water utilities.

Last week, a disclosure was made about a public water district SCADA system hack. There are a number of very important issues in this disclosure:

The final agenda can be found at www.realtimeacs.com There are several unique hallmarks of the conference:

• Discussions of actual control system cyber impacts
• The significant amount of discussion makes keeping a schedule almost impossible
• Many of the presenters are not recognizable as they are not the typical speakers – these are the control system cyber security experts.

Wednesday September 21

High Points:

Is there really a lack of information about control system cybersecurity? Would you be willing to pay for outside help to address your cybersecurity issues? Would some sort of certification mechanism make you more willing hire this kind of expertise?

The industry uses the general term "threat information," but during more detailed discussions, it seems that the information companies seek is more like the traditional military concept of "tactical information."

Read this article and let us know if you agree.

We're about to acquire a significant new cybervulnerability. The world's energy utilities are starting to install hundreds of millions of 'smart meters' which contain a remote off switch. Its main purpose is to ensure that customers who default on their payments can be switched remotely to a prepay tariff

Here's the summary of the latest RISI incident report:

2009 REPORT ON CONTROL SYSTEM CYBER SECURITY INCIDENTS RELEASED

Each year the damage to critical infrastructure
from network incidentsand cyber attacks is measured
in the billions of dollars.

Traci Purdum, senior digital editor, talks
to Eric Byres, chief technology officer of Byres
Security Inc., to understand the risks and learn
how to mitigate them.

In a report published June 12th, Register.com's Dan Goodin reports, "The newfangled meters needed to make the smart grid work are built on buggy software that's easily hacked, said Mike Davis, a senior security consultant for IOActive. The vast majority of them use no encryption and ask for no authentication before carrying out sensitive functions such as running software updates and severing customers from the power grid. The vulnerabilities, he said, are ripe for abuse."