039 New friends until proven otherwise
Today, Larry Grate on going from conveyor belts in a kaolin mine to hardening industrial systems against cyber attacks. Spoiler alert: Email phishing scams put things like water supply and power grids at risk. Russ is unusually concerned and pessimistic about fixes and progress but encouraged by Larry’s visible enthusiasm for industrial cyber security. A lot of good stories (and sage wisdom) get left on the table and plans are made to try to retrieve it.
4m 30s Some useful acronyms for those following along at home, all of which broadly are “industrial controllers” which means computers controlling stuff in factories, mines, power plants, etc.
PLC - Programmable logic controller
DNC - Distributed network control
DCS - Distributed control system
SCADA - Supervisory control and data acquisition
HMI - Human machine interface
CNC - Computer numerical control
[Yes, I got all of those from memory. No, that does not make me smart. -Russ]
8m 35s Larry on a young life in the mines. Also, what is kaolin? What is potash?
14m 37s “Stuxnet” is the name of both a famous computer virus and shorthand for a cyber attack against Iranian uranium enrichment around 2010. By the unofficial Happy Jōb department of numbers, it is brought up at least weekly by industrial control security professionals and somewhat more often by non-professionals with a casual interest in industrial cyber security.
20m 59s Systems are often both very fragile and surprisingly robust. This is less a duality than a consequence of scare time, dollars, and other resources.
33m 38s If you had to choose just one, non-existent, casual, or out-of-date approaches to encrypting data is probably the biggest cyber threat (improvement opportunity?) for industrial systems.