top of page
Nick

TLDR; Burn In

TLDR; is a series of book reviews related to the field. This is on the far end of the spectrum, I admit, but if you are in industrial controls, I would argue you should still read this.


Burn In, by P. W. Singer and August Cole, is a sci-fi thriller set in the not-too-distant future. A terrorist (or perhaps terrorist organization) attacks the USA in the very near future. The backdrop is an extrapolation of our current society failing to adapt to very real technologies and political issues we have already started to see. It follows Ghost Fleet, another excellent book that does not cover ICS but also covers the near future.


The authors claim they like to write "useful fiction," as noted by Foreign Affairs. The American government's gridlock fails to tackle actual issues and presents a security threat. White-collar jobs get wiped out by AI, and income inequality continues to rise... increasingly plausible to anyone who lives here.


More interesting to me is a very specific note on targeted attacks on an industrial control network. It is worth noting that I found this fairly plausible, especially for unmanned plants. I hesitate to spoil much, but a water utility's control system is left poorly defended and the adversary is able to trick a single sensor into throwing off a feedback loop.


Is this implausible? Not at all.


If you work in any industrial control system, you are a target. I don't care what country you are in, what region you service, someone is trying to get into your water and power grid. Your power grid is an ideal target to shut down a country. In the USA, this has already happened.


When you go ahead and install that auto-dialer for when you are off-shift, keep in mind that tool can be used by the adversaries as well. Many will not use an old-school dial up modem, rather they use an SMS or email... Which presents some issues.


If you are going to add these in, or some Industry 4.0 devices, consider...

  1. Are you keeping those system's firmware up to date?

  2. Are the manufacturers going to keep them up to date?

  3. Do you have them behind any cyber defense? (At the least, a well-set up firewall?)

  4. What is your back-up plan if some device fails?

  5. Do you have back-ups of your system?

  6. Do you have documentation of your system?

If you really want to lose sleep, check out Shodan. There are way too many things up there.


4 views0 comments

Recent Posts

See All

TLDR; The Cuckoo's Egg

TLDR; is a series dedicated to books that might help the automation professional. While this is not quite in the realm of industrial...

TLDR; The Culture Code

TLDR; is a series of book reviews for the industrial automation professional. While this particular read is not specific to industrial...

Comentarios


bottom of page