FAS

Weaknesses in Industrial Cyber Security Described

08.02.10 | 1 min read | Text by Steven Aftergood

The vulnerabilities of critical energy infrastructure installations to potential cyber attack are normally treated as restricted information and are exempt from public disclosure.  But a recent Department of Energy report was able to openly catalog and describe the typical vulnerabilities of energy infrastructure facilities because it did not reveal the particular locations where they were discovered.

“Although information found in individual… vulnerability assessment reports is protected from disclosure, the security of the nation’s energy infrastructure as a whole can be improved by sharing information on common security problems,” the DOE report (pdf) said. “For this reason, vulnerability information was collected, analyzed, and organized to allow the most prevalent issues to be identified and mitigated by those responsible for individual systems without disclosing the identity of the associated… product.”

The specific vulnerabilities that were found are no big surprise — open ports, unsecure coding practices, and poor patch management.  But by describing the issues in some detail, the new report may help to demystify the cyber security problem and to provide a common vocabulary for publicly addressing it.  See “NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses,” Idaho National Laboratory, May 2010.

publications
See all publications
Government Capacity
Policy Memo
We Need a U.S. Permitting Corps: Executive and Legislative Recommendations

Despite significant political momentum behind reform efforts, limited attention has been paid to the federal workforce that will actually be responsible for interpreting and implementing new permitting regulations and better outcomes.

07.08.26 | 10 min read
read more
Environment
Press release
Amid Sweltering Weather, the Federation of American Scientists Releases Expert-Sourced “State and Local Heat Policy Agenda”

Nearly 150 organizations and government officials have endorsed the call to action and solutions for extreme heat, now public at HeatAgenda.US Washington, D.C. – July 7, 2026 – As millions of Americans continue to struggle to stay cool following one of the hottest Independence Day holidays on record, the Federation of American Scientists (FAS), one […]

07.07.26 | 3 min read
read more
Environment
Issue Brief
Policy Memo
The State and Local Heat Policy Agenda

Addressing rising heat will take all of us. Together, we can create heat-safe homes, workplaces, schools, childcare facilities, and communities – the backbone of a heat-ready nation.

07.07.26 | 5 min read
read more
Emerging Technology
Blog
A conversation with Lee Hood on The Human Phenome Initiative and the next frontier in biomedical research

We sat down with biomedical research pioneer Lee Hood to talk moonshots, metascience in medicine, and the Human Phenome Initiative.

07.06.26 | 9 min read
read more