Tuesday, July 1, 2014

More Utility Bashing

In this recent post, I discussed three particularly egregious instances of people reflexively dumping on electric utilities for poor cyber security, without bothering to back up what they said with any evidence.  The first example was an article on the Smart Grid News website, which had attacked the new NERC physical security standard without bothering to understand how and why the standard was developed.

I regret to say that SGN is at it again.  In this recent article – whose overall premise I basically agree with – Jesse Berst takes a pot shot (so to speak) at Pacific Gas and Electric, owner of the Metcalf substation, by saying “Metcalf is the California substation that was attacked last year (though the incident was not revealed until the following spring).” 

I found this quite interesting, since I remember reading about the incident when it happened in April 2013.  Sure enough, a quick Google search found several contemporaneous articles, including this one published the same day as the attack.

It is true that the publicity became much more widespread this year, when the former FERC chairman began raising the issue repeatedly, and some US Senators and Congressmen wrote FERC to do something about this (even though they had been doing a lot) – this led to the new physical security standard, CIP-014-1.   

But to say that this was never disclosed last year is just another example of the reflexive utility bashing that seems to be one of the biggest sports in the media nowadays.  I’m certainly not saying the utilities can’t be criticized for poor cyber security practices.  But make your case, guys – based on facts.

The views and opinions expressed here are my own and don’t necessarily represent the views or opinions of Honeywell.

No comments:

Post a Comment