Good question.
I’ll try answering and recommend reading about the challenges of protecting Industrial Control Systems - SCALA
It would be ideal if ICS SCADA systems could be fully isolated (air-gapped) from the public internet.
However, ICS servers and periperhal components need remote access by manufacturers and service vendors in order to monitor events, manage and update software and firmware.
An outside facing interface and service account is vulnerable to attack that exploits weak identity access management security. The same can be said for the weak security found on some wireless connected pump, valve and sensor components. Old legacy components that were designed years ago did not have robust IAM security and are specialized, and very costly to replace (downtime).
A multi-billion dollar power engineering firm I nearly went to work for LAST YEAR, confided that they had yet started to conduct IT Security audits on the dozens of international power plants they manage.
2015 ICS Cyber Security Conference
www.icscybersecurityconference.com Proxy Highlight
The ICS Cyber Security Conference is the event where ICS users, vendors, system ... including protection for SCADA systems, plant control systems, engineering ... Grid: Analyzing what Hackers do when they have access to the “ Power Grid ...
Cybersecurity Myths on Power Control Systems - Department of ...
www.cse.psu.edu/~sem284/cse598e-f11/papers/pietre-cam... Proxy Highlight
Davis–Besse nuclear power plant contaminated by the Slammer worm in 2003 [7 ] is a ... particularly aware of ICS cybersecurity risks. The first widely reported ...
Cybersecurity in the power sector - Power Engineering International
www.powerengineeringint.com/ articles/ p... Proxy Highlight
Oct 14, 2014 ... “Big power plants and big energy producers are under heavy and severe ... According to Symantec, many SCADA and ICS systems sit outside ...
SCADAhacker: Cyber Security for Critical Infrastructure Protection
https://www.scadahacker.com/ Proxy Highlight
An important aspect of cyber security for critical infrastructure protection ... food factories to gas pipelines, power plants, and chemical facilities—even our cars. ... The OSVDB database currently tracks a total of 1069 ICS vulnerabilities, with 98 ...
power plant cyber security | Industrial Control Cyber Security Europe ...
https://industrialcontrolsecurityeurope.com/ tag/ ... Proxy Highlight
Jul 15, 2015 ... The Cyber Senate has arranged a strategic alliance with The Industrial Control System Information Sharing and Analysis Center (ICS-ISAC), ...
Cyber Security Design Methodology for Nuclear Power Control ...
www.automation.com/pdf_articles/Cyber_Security_Design... Proxy Highlight
A complete Nuclear Power ICS cyber security life cycle program is ... Essentially, the purpose of I&C systems at a Nuclear Power Plant (NPP) is to enable and.
“An outside facing interface and service account is vulnerable to attack that exploits weak identity access management security. The same can be said for the weak security found on some wireless connected pump, valve and sensor components. Old legacy components that were designed years ago did not have robust IAM security and are specialized, and very costly to replace (downtime).”
Thank you MarchonDC#s. I’m still significantly ignorant to not believe their own secured cyberspace could exist outside of the internet you and I have access to. I’ll try to learn more, and thanks again for the very thorough reply.