Blog Posts Tagged with "SCADA"


SecurityWeek Acquires Industrial Control System Cybersecurity Conference Series

April 28, 2014 Added by:InfosecIsland News

SecurityWeek announced that it has acquired the ICS Cybersecurity Conference series, the leading organizer of cybersecurity-focused events for the industrial control systems sector.

Comments  (0)


A Wake-up Call to Ignoring Cyber Threats – PG&E Indicted on Criminal Charges

April 07, 2014 Added by:Joe Weiss

On April 1, a federal grand jury indicted PG&E on 12 counts of knowingly and willfully violating the federal Pipeline Safety Act leading to the San Bruno natural gas pipeline rupture.

Comments  (0)


Improving SCADA System Security (Part 1)

December 21, 2013 Added by:InfoSec Institute

Supervisory control and data acquisition (SCADA) networks are considered by cyber strategists to be the backbone of any country. Critical infrastructure, and in particular control systems, require protection from a variety of cyber threats that could compromise their ordinary operation.

Comments  (0)


DNP3 Vulnerabilities Part 2 of 2 – Why DPI Firewalls Might be Industry’s Only Hope

December 05, 2013 Added by:Eric Byres

DNP3 serial links connect millions of physically insecure pad and pole-mounted devices. Accessing just one of those devices opens the door to a system wide attack. Since there is no way that every one of these devices can be inside the perimeter, the concept of NERC’s ESP is fatally flawed.

Comments  (0)


DNP3 Vulnerabilities Part 1 of 2: NERC’s Electronic Security Perimeter is Swiss Cheese

November 07, 2013 Added by:Eric Byres

If you have been following SCADA news in the last month, you might have noticed an avalanche of reports and blogs on new security vulnerabilities in power industry equipment. So far, vulnerability disclosures for 9 products using the DNP3 protocol have been released by the ICS-CERT, with another 21 SCADA product disclosures on their way.

Comments  (0)


Enough Clucking – Start Fixing the SCADA Security Problem

September 12, 2013 Added by:Eric Byres

I am not a SCADA Apologist. If anything, I consider people like myself and Joel Langill to be SCADA Realists. Clearly Joel and I believe security is important. If we didn’t, we wouldn’t be in this business. And our clients don’t pay us to hear: “Do nothing; it’s the other guy’s fault.”

Comments  (0)


Securing Critical Infrastructure Through Information Sharing

July 24, 2013 Added by:Anthony M. Freed

In this panel discussion industry experts investigate the possible sources and application of the knowledge needed to secure critical infrastructure

Comments  (0)


Hammer Time

June 10, 2013 Added by:Chris Blask

The Situational Awareness Reference Architecture (SARA) is what the ICS ISAC was created to foster, and to itself be a part of. Until this year, when evolutions in many areas have come together to provide the necessary foundations there has not been any value in trying to drive to a final specific definition of SARA. Today however, evidence that the stage is set for the final act is everywhere.

Comments  (0)


Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way

May 16, 2013 Added by:Francis Cianfrocca

Despite years of engineering, programming, reverse engineering, product development and a generous amount of FUD-driven marketing, the information security industry (loosely defined as representing the forces of good) lags far behind the innovation and sophistication of modern malware perpetrated by the forces of evil.

Comments  (5)


The Evolution of Industrial Control System Information Sharing

May 16, 2013 Added by:Anthony M. Freed

The Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, recently issued an advisory warning of an elevated risk of cyber-based attacks against companies that are tasked with administering systems that control elements of our nation’s critical infrastructure.

Comments  (12)


SCADA and ICS Cyber Security - Facing the Facts

May 05, 2013 Added by:Eric Byres

In the past, the main reason for securing a SCADA/ICS network was to protect against inadvertent network incidents or attacks from insiders. The risk of an external malicious cyber-attack was considered minimal.

Comments  (0)


Securing SCADA Systems - Why Choose Compensating Controls?

April 12, 2013 Added by:Eric Byres

This week, Eric looks at the pros and cons of using compensating controls as an alternative to patching, and discuss the requirements for success.

Comments  (0)


Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure

April 09, 2013 Added by:Ben Rothke

In Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure, authors Eric Knapp and Raj Samani provide and excellent overview on what the smart grid is and how it can be secured.

Comments  (1)


Making Patching Work for SCADA and Industrial Control System Security

April 05, 2013 Added by:Eric Byres

Applying patches is a critical part of good security. According to US-CERT, about 95% of all network intrusions could have been avoided by keeping systems up to date with appropriate patches. What I am against is patching as a knee-jerk reaction to security vulnerabilities. You can’t expect your control system to operate reliably if you don’t have a controlled process for patching.

Comments  (0)


ICS-CERT Alerts of Mitsubishi MX SCADA Vulnerability

April 03, 2013 Added by:Steve Ragan

ICS-CERT has issued a warning this week after vulnerability details concerning Mitsubishi’s MX Component started to gain attention online.

Comments  (0)


The Threat to Industrial Control Systems from Physical Persistent Design Features (PPDF)

April 01, 2013 Added by:Joe Weiss

Industrial control systems (ICSs) were designed for reliability and safety and to enable system operability and functionality. Many ICSs were originally designed before networking was commonplace. Consequently, cyber security was not a design consideration.

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »