Weaknesses in Industrial Cyber Security Described
The vulnerabilities of critical energy infrastructure installations to potential cyber attack are normally treated as restricted information and are exempt from public disclosure. But a recent Department of Energy report was able to openly catalog and describe the typical vulnerabilities of energy infrastructure facilities because it did not reveal the particular locations where they were discovered.
“Although information found in individual… vulnerability assessment reports is protected from disclosure, the security of the nation’s energy infrastructure as a whole can be improved by sharing information on common security problems,” the DOE report (pdf) said. “For this reason, vulnerability information was collected, analyzed, and organized to allow the most prevalent issues to be identified and mitigated by those responsible for individual systems without disclosing the identity of the associated… product.”
The specific vulnerabilities that were found are no big surprise — open ports, unsecure coding practices, and poor patch management. But by describing the issues in some detail, the new report may help to demystify the cyber security problem and to provide a common vocabulary for publicly addressing it. See “NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses,” Idaho National Laboratory, May 2010.
With summer 2025 in the rearview mirror, we’re taking a look back to see how federal actions impacted heat preparedness and response on the ground, what’s still changing, and what the road ahead looks like for heat resilience.
Satellite imagery of RAF Lakenheath reveals new construction of a security perimeter around ten protective aircraft shelters in the designated nuclear area, the latest measure in a series of upgrades as the base prepares for the ability to store U.S. nuclear weapons.
It will take consistent leadership and action to navigate the complex dangers in the region and to avoid what many analysts considered to be an increasingly possible outcome, a nuclear conflict in East Asia.
Getting into a shutdown is the easy part, getting out is much harder. Both sides will be looking to pin responsibility on each other, and the court of public opinion will have a major role to play as to who has the most leverage for getting us out.