Wednesday, July 22, 2009
Reporting Attacks on Control Systems
Monday, July 20th, 2009 was an important day for control system security. The long awaited birth of RISI (Repository of Industrial Security Incidents) finally occurred. The RISI is a data base operated by Security Incidents Organization (www.SecurityIncidents.org), a non-governmental organization (NGO) that will collect, investigate, analyze, and share information about security incidents involving industrial control systems. Walt Boyes and Joe Weiss from ControlGlobal.com are part of the team that has been working on bringing this organization and data base to life. Other easily recognized names behind this start-up include: John Cusimano, of exida, Eric Byres of Byres Security div. of Exida, Todd Stauffer, also of exida, Aris Espejo of Syncrude Ltd., Eric Cosman of Dow Chemical Company. To give a viable start to this project the RISI database was started with data from 150 cyber incidents that had been gathered by the Industrial Security Incidents Database (ISID) an academic project starting in 2001. This makes RISI currently the largest database of control system incidents. Those incidents include accidental cyber-related incidents, as well deliberate events such as external hacks, Denial of Service (DoS) attacks, and virus/worm infiltrations that did or could have resulted in loss of control, loss of production, or a process safety incident. While the Security Incidents Organization is a registered non-profit, it does have expenses to cover. There is an annual membership fee for full access to the RISI database, but in a remarkable marketing idea for a bunch of control geeks, they offer a free 3 month membership (or extension of membership) for each industrial cyber incident reported. Anyone that is responsible for an industrial control system (especially control systems at high-risk chemical facilities), or for security of the same, should visit the organization web site. A detailed exploration of the site would be well worth your time. I’m adding the site to my list of daily internet stops.