Blog Posts Tagged with "ICS"

306708aaf995cf6a77d3083885b60907

DHS Mistakenly Releases 840-pages of Critical Infrastructure Documents

July 09, 2014 Added by:Mike Lennon

The U.S. Department of Homeland Security (DHS) has released hundreds of documents, some of which contain sensitive information and potentially vulnerable critical infrastructure points across the United States, in response to a recent Freedom of Information Act (FOIA) request about a cyber-security attack.

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

A Wake-up Call to Ignoring Cyber Threats – PG&E Indicted on Criminal Charges

April 07, 2014 Added by:Joe Weiss

On April 1, a federal grand jury indicted PG&E on 12 counts of knowingly and willfully violating the federal Pipeline Safety Act leading to the San Bruno natural gas pipeline rupture.

Comments  (0)

682e0e796084e163c5ca053dd8573b0c

Enough Clucking – Start Fixing the SCADA Security Problem

September 12, 2013 Added by:Eric Byres

I am not a SCADA Apologist. If anything, I consider people like myself and Joel Langill to be SCADA Realists. Clearly Joel and I believe security is important. If we didn’t, we wouldn’t be in this business. And our clients don’t pay us to hear: “Do nothing; it’s the other guy’s fault.”

Comments  (0)

6d117b57d55f63febe392e40a478011f

The Evolution of Industrial Control System Information Sharing

May 16, 2013 Added by:Anthony M. Freed

The Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, recently issued an advisory warning of an elevated risk of cyber-based attacks against companies that are tasked with administering systems that control elements of our nation’s critical infrastructure.

Comments  (1)

682e0e796084e163c5ca053dd8573b0c

Securing SCADA Systems - Why Choose Compensating Controls?

April 12, 2013 Added by:Eric Byres

This week, Eric looks at the pros and cons of using compensating controls as an alternative to patching, and discuss the requirements for success.

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure

April 09, 2013 Added by:Ben Rothke

In Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure, authors Eric Knapp and Raj Samani provide and excellent overview on what the smart grid is and how it can be secured.

Comments  (1)

682e0e796084e163c5ca053dd8573b0c

Making Patching Work for SCADA and Industrial Control System Security

April 05, 2013 Added by:Eric Byres

Applying patches is a critical part of good security. According to US-CERT, about 95% of all network intrusions could have been avoided by keeping systems up to date with appropriate patches. What I am against is patching as a knee-jerk reaction to security vulnerabilities. You can’t expect your control system to operate reliably if you don’t have a controlled process for patching.

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

The Threat to Industrial Control Systems from Physical Persistent Design Features (PPDF)

April 01, 2013 Added by:Joe Weiss

Industrial control systems (ICSs) were designed for reliability and safety and to enable system operability and functionality. Many ICSs were originally designed before networking was commonplace. Consequently, cyber security was not a design consideration.

Comments  (0)

682e0e796084e163c5ca053dd8573b0c

SCADA and ICS Security Patching: The Good, the Bad and the Ugly

March 26, 2013 Added by:Eric Byres

Let's examine the good, the bad and the ugly details of patching as a means to secure SCADA and ICS systems. And to begin, let’s suppose patches could be installed without shutting down the process...

Comments  (1)

682e0e796084e163c5ca053dd8573b0c

SCADA and ICS Security: Welcome to the Patching Treadmill

March 15, 2013 Added by:Eric Byres

After Stuxnet, security researchers and hackers on the prowl for new targets to exploit shifted their efforts to critical industrial infrastructure. Unfortunately, the SCADA and Industrial Control Systems applications they are now focusing on are sitting ducks.

Comments  (0)

682e0e796084e163c5ca053dd8573b0c

Time to Speak Up on New IF-MAP Specs for ICS and SCADA Security

February 12, 2013 Added by:Eric Byres

Something I believe industry urgently needs is better standards for information exchange between security solutions. Unfortunately while TCG has had feedback from the IT community, they have received little from the SCADA or ICS community. I encourage everyone involved with SCADA and ICS security to review the specification.

Comments  (0)

682e0e796084e163c5ca053dd8573b0c

SCADA Security Directions for 2013 - How Will ICS and SCADA Security Change in 2013?

February 01, 2013 Added by:Eric Byres

You see, every January I get asked to make between three and five predictions for the upcoming year. Then every December people remind me that I made those predictions 12 months ago. Then they get to tell me how poorly I did.

Comments  (0)

54a9b7b662bfb0f0445d1661d7ed180b

Optimism... or Special Interests?

October 31, 2012 Added by:Jayson Wylie

There seems to be some political purpose to the current interests around Kaspersky. They are becoming involved in investigating malware of a cyber weapon nature instead of the constant pursuit of Trojan variants and financial fraud that is more damaging to the masses originating around their home office...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Report Examines Increasing Threats to Critical Infrastructure

June 21, 2012 Added by:Headlines

“Outdated security methods that use a maze of disparate, multi-vendor, and stacked security tools will only delay a cyber attack, providing numerous opportunities for a more advanced and modern cyber adversary to attack cyber security postures throughout critical infrastructure...”

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Stuxnet, Flame, Duqu Less Dangerous than Conventional Attacks

June 21, 2012 Added by:Headlines

“Our advice to ICS and SCADA network managers is to be informed of new threats like Flame, but be especially vigilant against the more conventional, widely understood threats. In all likelihood, a simple denial-of-service attack has a better chance of wreaking havoc on their network than Stuxnet or Duqu"...

Comments  (0)

5106d48203954b74e6ea495e5c7f21b0

The Need for Improved Critical Infrastructure Protection

June 13, 2012 Added by:William Mcborrough

Tackling the problem of critical infrastructure protection will take concerted efforts from the public and private sectors. An appropriate governance structure is needed to avoid the inevitable over-reaction that will follow the inevitable catastrophic attack against our critical infrastructure...

Comments  (4)

Page « < 1 - 2 - 3 - 4 - 5 > »