Blog Posts Tagged with "Infrastructure"
Five Conversations that will Shape Your Cloud Security Model
May 03, 2012 Added by:Rafal Los
We need to move away from the control model into a governance model and acknowledge we're not going to have control over all of our risk. Any notion that you have control is a delusion. Assuming that if you control the environment you have better security is a fallacy...
Comments (0)
ICS-CERT: The Role of Fusion Centers
May 03, 2012 Added by:Infosec Island Admin
ICS-CERT recommends that industrial control systems owners and operators contact their local fusion center to better understand the role of their fusion center in supporting the private sector in critical infrastructure protection and cybersecurity...
Comments (0)
National Collegiate Cyber Defense Competition (NCCDC)
May 01, 2012 Added by:Infosec Island Admin
"The Department of Homeland Security is proud to be one of the sponsors of this competition that took place over the course of three days and focused on the operational aspects of securing and defending a 'commercial' network infrastructure..."
Comments (0)
Procrastination in Cybersecurity Legislation
April 29, 2012 Added by:Michelle Valdez
Congress is procrastinating with regards to cybersecurity legislation. The debates will continue about regulation and authorities and privacy rights but in the end, we all need to come together and find the best way to share threat data so that we can protect critical networks...
Comments (0)
Cybersecurity Legislation Needed to Prevent Inevitable Attack
April 28, 2012 Added by:Dan Dieterle
U.S. networks would be much stronger if companies enforced standard security procedures. My question is why hasn’t critical infrastructure entities already implemented it? And why would we need more legislation passed to force them to do it, when it should already be done?
Comments (1)
Iran vs. The West: Cyberwar or Media Hype?
April 27, 2012 Added by:Pierluigi Paganini
The growing tension between Iran, the U.S. and Israel does not bode well, however the reports persistently circulated on the Internet don't add anything new to a scenario that has long been known. Iran has long understood how strategic a strong presence in cyber space is...
Comments (0)
Are ICS Vendors Really to Blame for Insecure Systems?
April 27, 2012 Added by:Joe Weiss
The implication is that vendors aren’t interested in securing their legacy products. I do know that many ICS vendors supporting the electric industry are frustrated because the utilities may not be required to actually secure these systems to be NERC CIP compliant...
Comments (0)
ICS-CERT: RuggedCom Weak Cryptography Vulnerability
April 27, 2012 Added by:Infosec Island Admin
ICS-CERT is aware of a public report of a default backdoor user account with a password with trivial encoding affecting RuggedCom RuggedSwitch and RuggedServer devices using Rugged OS. The vulnerability is exploitable by generating a password from known data about the device...
Comments (0)
House Testimony: Iran Preparing Attacks on U.S. Infrastructure
April 26, 2012 Added by:Headlines
Cybersecurity experts will testify before Congress today on the high probability that the Iranian government is engaged in building a cyber offensive force geared towards attacks against critical U.S. infrastructure targets including power and water distribution facilities...
Comments (0)
Remember Public Cellular Networks in Smart Meter Adoption
April 26, 2012 Added by:Brent Huston
ICS/SCADA owners must strive to clearly identify their needs around cellular technologies, clearly demarcate the requirements for private/segmented/public cellular network use and understand the benefits/issues and threats of what they are utilizing...
Comments (0)
Congressional Testimony Rings Cybersecurity Alarm Bells
April 25, 2012 Added by:Headlines
"Every day nations and 'hacktivist' groups penetrate our public and private computer networks. The degradation of our national security and intellectual property from cyber theft threatens to weaken us where we have been historically strong: in our ingenuity and creativity..."
Comments (0)
ICS-CERT: Social Engineering and SCADA Security
April 24, 2012 Added by:Infosec Island Admin
Social engineering attempts can be highly targeted and conducted in a way that is much more difficult to detect than the spam and phishing emails we receive in our inbox. Phone-based social engineering attempts were recently experienced at two or more power distribution companies...
Comments (0)
ICS-CERT: Siemens Simatic WINCC Multiple Vulnerabilities
April 20, 2012 Added by:Infosec Island Admin
ICS-CERT has received reports detailing several vulnerabilities in Siemens SIMATIC WinCC Human-Machine Interface application which could allow an attacker to log on to a system as a user or administrator with the ability to execute arbitrary code or obtain full access to files...
Comments (0)
ICS-CERT: Siemens Scalance X Industrial Ethernet Vulnerability
April 18, 2012 Added by:Infosec Island Admin
Exploitation of the vulnerability allows an attacker to perform malicious actions which may lead to a denial of service condition or possible arbitrary code execution. These actions may ultimately impact the process environment in which the system is deployed...
Comments (0)
Iranian Bank Accounts Hacked: A Cyber Warfare Hypothesis
April 17, 2012 Added by:Pierluigi Paganini
Banking is a vital component of a country, it is considered in every cyber strategy as critical infrastructure. If a country is attacked so that its financial institutions fail it would produce an environment for other cyber and military operations, a typical cyberwar scenario...
Comments (0)
All the Lights Will Not Go Out in a Cyber Attack
April 17, 2012 Added by:Dan Dieterle
One of the biggest threats that you hear is that hackers could take out the power grid and all the power would be shut off. America would be thrown back to the power stone age in the flick of a switch (or a series of SCADA exploits). But is this true? The answer is no...
Comments (5)
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox