The incident occurred back in November 2011, or at least that was the story. Initial reports that an advanced hacker had taken control of a Supervisory Control and Data Acquisition (SCADA) system started to surface. This system controlled a physical component: a water pump. Not many of these types of attacks had been reported in the past, and made the report more alarming. Riding on the heels of the Stuxnet discovery, a real and more common threat to critical infrastructure was being realized. The report was quick to attribute the attacker to a country notorious for hacking. The report also indicated the compromised system was forced to operate beyond normal levels, causing a pump to fail. But was it true? Weeks later, the report and attribution were under criticism from ICS-CERT, who had conducted the incident handling steps for the Curran-Gardner Public Water District. By drawing a parallel to the Curran-Gardner attack, a sound and measurable tabletop exercise can be developed to help an organization deal with a real life incident affecting a SCADA system.
2015 Energy Industry Cybersecurity Report
Strategic Cybersecurity: A Toolkit for Prioritizing, Coordinating, and Transforming Your Cybersecurity Program