Blog Posts Tagged with "Infrastructure"
Dutch MoD Innovation Competition 2012: CYBER Operations 2.0
May 16, 2012 Added by:Matthijs R. Koot
The Dutch Ministry of Defense's (MoD) annually issues a "Defense Innovation Competition" is a competition that is intended to get input from and foster relations with Dutch industry and SME. This year's theme is "CYBER Operations 2.0"...
Comments (0)
No National 'Stand Your Cyberground' Law Please
May 14, 2012 Added by:William Mcborrough
We know that some attacks on our privately owned critical infrastructure have been attributed to foreign government networks. Would it be wise to license companies to attack these networks? The last thing we need is an international incident started by some SysAdmin..
Comments (0)
ICS-CERT: Risk Management for the Electricity Sector
May 14, 2012 Added by:Infosec Island Admin
The DOE collaborated with the NIST and NERC to release a second draft of the Electricity Sector Cybersecurity Risk Management Process guideline, designed with the idea that cybersecurity risk management should be driven by the business needs of the company...
Comments (0)
ICS-CERT: WellinTech KingSCADA Insecure Password Encryption
May 10, 2012 Added by:Infosec Island Admin
Researchers Alexandr Polyakov and Alexey Sintsov from DSecRG identified an unsecure password encryption vulnerability in WellinTech KingSCADA application. When KingSCADA OPCServer and OPCClient are not on the same node, a remote attacker may obtain passwords to the system...
Comments (0)
Join ICS-CERT on the US-CERT Secure Portal
May 09, 2012 Added by:Infosec Island Admin
One of the best kept secrets in the critical infrastructure world is the US-CERT secure portal, a web-based platform that provides a mechanism for secure, unclassified information exchange between government agencies and the private sector asset owners and operators...
Comments (0)
ICS-CERT: Planning for a Cyber Incident?
May 08, 2012 Added by:Infosec Island Admin
Organizations without an existing incident response capability should consider establishing one. To aid control systems owners and operators, the CSSP has prepared a Recommended Practice: Developing an Industrial Control Systems Cybersecurity Incident Response Capability...
Comments (0)
US Gas Pipeline Companies Under Major Cyber Attack
May 07, 2012 Added by:Headlines
“Analysis of the malware and artifacts associated with these cyber attacks has positively identified this activity as related to a single campaign from a single source. It goes on to broadly describe a sophisticated 'spear-phishing' campaign..."
Comments (0)
ICS-CERT: Getting Started Securing Industrial Assets
May 04, 2012 Added by:Infosec Island Admin
Over the past year significant discoveries in the areas of adversarial capabilities have identified that many companies across the 18 critical infrastructure and key resources (CIKR) are struggling to cope with the growing threats. Efforts have been taken to defend critical assets...
Comments (0)
DHS: Industrial Control Systems Threats Increasing
May 03, 2012 Added by:Headlines
“We pay particular attention to industrial control systems. We’re seeing a troubling increase in the threats and the vulnerabilities associated with those. But we are making progress on that, I think,” DHS deputy undersecretary for cybersecurity Mark Weatherford said...
Comments (0)
Five Conversations that will Shape Your Cloud Security Model
May 03, 2012 Added by:Rafal Los
We need to move away from the control model into a governance model and acknowledge we're not going to have control over all of our risk. Any notion that you have control is a delusion. Assuming that if you control the environment you have better security is a fallacy...
Comments (0)
ICS-CERT: The Role of Fusion Centers
May 03, 2012 Added by:Infosec Island Admin
ICS-CERT recommends that industrial control systems owners and operators contact their local fusion center to better understand the role of their fusion center in supporting the private sector in critical infrastructure protection and cybersecurity...
Comments (0)
National Collegiate Cyber Defense Competition (NCCDC)
May 01, 2012 Added by:Infosec Island Admin
"The Department of Homeland Security is proud to be one of the sponsors of this competition that took place over the course of three days and focused on the operational aspects of securing and defending a 'commercial' network infrastructure..."
Comments (0)
Procrastination in Cybersecurity Legislation
April 30, 2012 Added by:Michelle Valdez
Congress is procrastinating with regards to cybersecurity legislation. The debates will continue about regulation and authorities and privacy rights but in the end, we all need to come together and find the best way to share threat data so that we can protect critical networks...
Comments (0)
Cybersecurity Legislation Needed to Prevent Inevitable Attack
April 29, 2012 Added by:Dan Dieterle
U.S. networks would be much stronger if companies enforced standard security procedures. My question is why hasn’t critical infrastructure entities already implemented it? And why would we need more legislation passed to force them to do it, when it should already be done?
Comments (1)
Iran vs. The West: Cyberwar or Media Hype?
April 27, 2012 Added by:Pierluigi Paganini
The growing tension between Iran, the U.S. and Israel does not bode well, however the reports persistently circulated on the Internet don't add anything new to a scenario that has long been known. Iran has long understood how strategic a strong presence in cyber space is...
Comments (0)
Are ICS Vendors Really to Blame for Insecure Systems?
April 27, 2012 Added by:Joe Weiss
The implication is that vendors aren’t interested in securing their legacy products. I do know that many ICS vendors supporting the electric industry are frustrated because the utilities may not be required to actually secure these systems to be NERC CIP compliant...
Comments (0)
- Not Totally Sure What Just Happened...
- Has Anonymous Infiltrated the US Government?
- Big Opportunities in the Cloud
- Zeus Malware Targeting Facebook, Gmail and Yahoo Users
- Follow Up to the Out of Band Authentication Post
- Skype Malware Campaign Spreading Poison Ivy Trojan
- I Hope Edo is Worth the Privacy Risk
- Dutch MoD Innovation Competition 2012: CYBER Operations 2.0
- NIST Workshop: The Technical Aspects of Botnets
- Security Automation by Hand - Batch/Bash/FOR