

When Valid Credentials Don't Mean "Authorized": What the Salt Typhoon Breach Teaches Critical Infrastructure Defenders
By Norris Cornell, IAM | SCADA Cybersecurity. December 19, 2024. Executive Summary: In October 2024, U.S. authorities confirmed that Chinese state-sponsored actors—tracked as Salt Typhoon—had compromised at least nine major U.S. telecommunications providers. The breach, which persisted for over a year undetected, accessed call records from more than one million users, intercepted private communications of high-profile political figures, and compromised CALEA lawful intercept syst
npcornell
Dec 18, 2025 · 12 min read


The Water Sector's Default Password Problem
November 25, 2023. A remote booster station serving 6,000 people in Pennsylvania was accessed by a hostile actor. The international media followed. Defacement banners appeared on the HMI. Operators were forced to switch to manual operation. Here's what didn't happen: No zero-day. No exploit chain. No malware. No sophistication. A publicly available default password. Shodan scanning. Transparent trust in factory credentials. This is Aliquippa. And it's the perfect example of t
npcornell
Dec 16, 2025 · 5 min read


ICS Taught Me More About Input Validation Than OWASP Ever Did
Part 1 of the "When Software Meets the Physical World: AppSec Lessons From ICS" series. Introduction: The Lesson ICS Taught Me Early. Before I entered cybersecurity, I spent nearly 20 years as an electronics technician working with sensors, control circuits, and embedded systems. When I started researching SCADA and ICS security for my graduate work, I recognized something familiar: the same trust failures I'd seen at the hardware level — sensors lying, signals drifting, inputs
npcornell
Dec 9, 2025 · 3 min read


Logic Follows Lies: How PLCs and RTUs Fail Under Adversarial Conditions
If inputs lie, logic will follow. Industrial control systems don't reason. They don't question. They don't validate truth. They evaluate. A PLC or RTU accepts whatever value reaches its input buffers and applies deterministic logic to it with absolute confidence. And when those upstream signals are manipulated—whether sensor readings, timing references, or permissive bits—the controller's logic becomes the attack surface. In Part 2 of this series (building on my BSides Delawa
npcornell
Dec 7, 2025 · 5 min read


Inputs Lie: Your System Trusts Signals It Shouldn’t
ICS/OT Security Series — Part 1. If you lie to an industrial system about its inputs, it will execute that lie faithfully into the physical world. No hesitation. No intuition. Just deterministic logic doing exactly what it was designed to do. In my last post, I talked about how satellite signals—GPS, GNSS, RF—are largely undefended against spoofing and manipulation. The gap isn’t just theoretical. It lives inside your industrial control systems. Most ICS/OT security conversati
npcornell
Dec 2, 2025 · 3 min read


Satellite Cybersecurity: When Cyber Meets the Spectrum
How SIGINT, ICS, and Application Security Converge in the Invisible Domain We Depend On. Every day, critical infrastructure runs on signals we can't see. Satellite timing guides the power grid. GNSS signals coordinate automation sequences. RF links relay data to SCADA systems. Software systems make decisions based on timing they assume is trustworthy. Yet most cybersecurity programs treat satellites and RF systems as "someone else's problem." I recently gave a talk at BSides D
npcornell
Nov 29, 2025 · 9 min read


Asset Visibility in OT Environments: Why You Can’t Defend What You Don’t See
When it comes to securing Operational Technology (OT) and Industrial Control Systems (ICS), visibility isn’t just nice to have—it’s...
npcornell
Aug 2, 2025 · 4 min read


Cyber Hygiene in 2025: Why Cybersecurity Basics Remain Essential
In 2025, as organizations adopt zero-trust architectures and AI-powered tools, the core practices of cybersecurity—known as cyber...
npcornell
Jul 18, 2025 · 2 min read


Building a Cyber Defense Development Environment in a Virtual Machine
In today's rapidly evolving cyber threat landscape, having a robust and flexible cybersecurity development environment is crucial for...
npcornell
Apr 10, 2025 · 2 min read


SCADA: The Brain Behind Industrial Systems
By Norris Cornell. Published: March 26, 2025. Introduction: Why SCADA Matters. Imagine the human body performing a simple task—picking up...
npcornell
Mar 26, 2025 · 3 min read


Cyber Hygiene 101
Cyber Hygiene 101: Explore key NIST guidelines to safeguard your digital footprint and prevent costly breaches like MGM's $100 million...
npcornell
Mar 21, 2025 · 3 min read


Critical Infrastructure: What It Is & Why You Should Care
Imagine waking up without electricity, running water, or a way to call for help. That’s the chaos we’d face without critical...
npcornell
Mar 21, 2025 · 2 min read