Industrial Control Systems

Default-avatar

New York Times Attacks Show Need For New Security Defenses

February 01, 2013 Added by:Infosec Island

The recent attacks against the New York Times allegedly carried out by the Chinese military highlight the importance of layered security to protect sensitive systems and data.

Comments  (0)

682e0e796084e163c5ca053dd8573b0c

SCADA Security Directions for 2013 - How Will ICS and SCADA Security Change in 2013?

February 01, 2013 Added by:Eric Byres

You see, every January I get asked to make between three and five predictions for the upcoming year. Then every December people remind me that I made those predictions 12 months ago. Then they get to tell me how poorly I did.

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Perfect Citizen, US vulnerability assessment program on critical infrastructures

January 02, 2013 Added by:Plagiarist Paganini

CNET web site has published a news on a secret National Security Agency program named Perfect Citizen that is targeting on large-scale the control systems inside utilities, including power grid and gas pipeline controllers, with the purpose to discover security vulnerabilities.

Comments  (0)

65c1700fde3e9a94cc060a7e3777287c

Preventative -v- Detective Security

December 02, 2012 Added by:Simon Moffatt

Security has several issues from a proactive implementation perspective. Like anything, a detailed return on investment, including both tangible and non-tangible benefits, is required...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Proactive defense, humans or machines… that’s the question

November 27, 2012 Added by:Plagiarist Paganini

Cyber conflicts are characterized by the necessity of an immediate cyber response to the incoming cyber threats, in many cases the reaction must be instantaneous to avoid the destruction of assets and resources. The human factor could represent an element of delay...

Comments  (0)

8a958994958cdf24f0dc051edfe29462

Industrial Control System Security: A Reliability Issue?

November 06, 2012 Added by:Larry Karisny

Cyber Security Expert Joe Weiss has spearheaded the ICS Cyber Security Conference for 12 years and when he calls in the troops, the best come to serve. Last month’s conference held at Old Dominion University's Virginia Modeling Analysis and Simulation Center -- VMASC in Suffolk, Va. -- was no different...

Comments  (1)

3e35900ae6facc6c146a85c435c71d82

Securing Smart Grid, SCADA, and Other Industrial Control Systems

October 11, 2012 Added by:Ben Rothke

The Stuxnet computer worm of mid-2010 was a huge wake-up call for the energy industry. It also catapulted SCADA from an obscure term to the forefront of industrial security. But nearly two years later, it is unclear if the energy sector is adequately prepared for sophisticated information security threats...

Comments  (2)

E313765e3bec84b2852c1c758f7244b6

Quick and Dirty Plan for Critical Infrastructure Security Improvement

October 11, 2012 Added by:Brent Huston

I was recently engaged with some critical infrastructure experts on Twitter. We were discussing a quick and dirty set of basic tasks that could be used an approach methodology for helping better secure the power grid and other utilities. There was a significant discussion and many views were exchanged...

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Revenge of the NERCs?

October 04, 2012 Added by:Tripwire Inc

Ultimately this is critical stuff. If we don’t want to find ourselves wandering the wastelands searching for food and water fighting off marauding bands of marauders (is that redundant?) its important for these ninjas to get it right and keep the pirates at bay...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Surviving a Public Infrastructure or Energy Grid Attack

September 27, 2012 Added by:Dan Dieterle

What would you do if the lights suddenly went out? Where would you get news from? Or more importantly water? Keep cool or get heat? Though many disregard warnings about critical infrastructure attacks what if the worst did happen, would you be prepared?

Comments  (2)

8a958994958cdf24f0dc051edfe29462

Anomaly Detection: Front-Door Infrastructure Security

September 23, 2012 Added by:Larry Karisny

So what if we could create an anomaly algorithm that could audit, detect and approve positive input events in business processes. And if we could do this then wouldn’t risk management and security actually just be a byproduct of allowing these positive business events to occur?

Comments  (1)

E313765e3bec84b2852c1c758f7244b6

Ask The Experts: Important SCADA Security Tips

September 16, 2012 Added by:Brent Huston

Utilities have been computerizing their SCADA systems for years now. This has allowed them to save money, time and manpower and has increased their situational awareness and control flexibility. However, industrial control systems are usually not very robust and also very ‘dumb...

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

Utility Breach Prompts Enforcement and Industry-Wide Security Review

September 06, 2012 Added by:David Navetta

Expect an uptick in privacy enforcement by state utility regulators. Utilities across the country are advised to review their information security programs (including vendor management requirements) and breach response processes to address their regulators' concerns...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: GarrettCom Magnum Privilege Escalation

September 04, 2012 Added by:Infosec Island Admin

Successful exploitation of this vulnerability could allow escalation of privileges to full administrative access. The privilege escalation could provide the attacker a vector for making changes to settings, or initiating a complete device shutdown causing a denial of service...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Shamoon - DistTrack Malware

August 30, 2012 Added by:Infosec Island Admin

W32.DistTrack, also known as “Shamoon,” is an information-stealing malware that also includes a destructive module. Shamoon renders infected systems useless by overwriting the Master Boot Record (MBR), the partition tables, and most of the files with random data. Once overwritten, the data are not recoverable...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Oil and Natural Gas Pipeline Intrusion Campaign

August 28, 2012 Added by:Infosec Island Admin

ICS-CERT onsite analysis included a search for host-based and network-based indicators to identify additional hosts for further analysis. ICS-CERT hashed files from approximately 1700 machines and compared them to hashes of known malicious files and examined proxy logs to identify any suspicious network activity...

Comments  (1)

Page « < 2 - 3 - 4 - 5 - 6 > »