Please lookup a product from IBM called Datapower, nobody has been able to hack a Datapower device to this date, nobody even knows what type of operating system it is running, if you actually try to open the box unplugged it has a battery to wipe the os clean. the only way to do hardware replacement on the box is to ship it back to IBM and they replace it for you. typical box costs about 40k and you need 30 to 40 of them for a basic configuration. The energy grid is level 3 security which essentially puts it above credit card systems and health care systems because it is a war time target. Please stop watching TV.
You seem a bit too cocky for a security expert. If you were legit you would never be so confident.
Your praise of security by obsurity also diminishes any security credentials you might have.
But the killer is your failure to recognize that absent of an air gap no network is 100% secure.
There will always be human factors.
I do watch TV but I worked professionally on another critical inftastructure system with "six 9's up time"
including software upgrades. Although I am not a security expert security was always a concern. In the over 20 years
I was there the only security compromises were inside jobs or physical breach.
The biggest computer security threat ever is c/c++ and it's lack of built in array bound checking.
Imagine a world where buffer overflow exploits never existed. I don't have to imagine, I saw it.
Yes I am cocky because I saved the world more energy than fucken Elon Musk. Look up my resume on LinkedIn. Armen Merikyan. I didn't say I was a security expert I design the architecture that was reviewed by multiple security experts and actually taken as a blueprint for other energy companies to follow.
not gonna comment on this topic anymore, you guys watched to much TV and believe to much bullshit, regarding this hack they should of had encrypted laptops for the developers and 2factor authentication setup for the VPN which they probably did neither also you must run background check on anyone that is going to work on the system. With a third party phishing services to test and make sure none of your developers are stupid enough to open random emails. there are people that know how to do a job and then their are armatures yes i said Arm-atures