I don’t understand why they do this.
If we don’t want hackers to hack into our power grid or utilities or pipelines for Pete sakes, take them off-line. The only operational access should be from the inside of the facility or control center. An authorized operator must be in the building or facility in order to control and manipulate the grid. Are you following me?
Access to anything operational should only be from inside the power utility or pipeline. Not remotely. Not through the internet. Not online. Not even from an IT’s cozy cabin up in the Rockys.
Again, if we don’t want Russian hackers to gain control of our pipelines never ever make our operations available on the net. Only by being inside the restricted and guarded premises. And only by qualified and certified company or government personnel. No visitors or tour groups. Not even the curious.
Obviously the system, as it is run now is vulnerable to outside snoops and hackers. Stop that now! No more outside access. Matter of fact no phone or cable lines should come to the building. No satellite dishes or carrier pigeons. Yes, computer operators and programmers would have to be in the building at all times in order to operate the water works facility or pipeline. It may be a bit inconvenient but it’s for the security of the grid. So, unplug and go off line! And leave your cell phone at the door. What’s so hard about that?