SCADA
Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
May 16, 2013 Added by:Francis Cianfrocca
Despite years of engineering, programming, reverse engineering, product development and a generous amount of FUD-driven marketing, the information security industry (loosely defined as representing the forces of good) lags far behind the innovation and sophistication of modern malware perpetrated by the forces of evil.
Comments (0)
The Evolution of Industrial Control System Information Sharing
May 16, 2013 Added by:Anthony M. Freed
The Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, recently issued an advisory warning of an elevated risk of cyber-based attacks against companies that are tasked with administering systems that control elements of our nation’s critical infrastructure.
Comments (0)
Resilience ‒ The way to Survive a Cyber Attack
May 07, 2013 Added by:Jarno Limnéll
In reality, a well-prepared cyber attack does not need to last for 15 minutes to succeed. After preparations it takes only seconds to conduct the attack which may hit targets next door as well as those on the other side of the world.
Comments (0)
SCADA and ICS Cyber Security - Facing the Facts
May 05, 2013 Added by:Eric Byres
In the past, the main reason for securing a SCADA/ICS network was to protect against inadvertent network incidents or attacks from insiders. The risk of an external malicious cyber-attack was considered minimal.
Comments (0)
On Dutch Banking Woes and DDoS Attacks
April 25, 2013 Added by:Don Eijndhoven
If you don't live in the Netherlands or don't happen to have a Dutch bank account, you can certainly be forgiven for not having caught wind of the major banking woes that have been plaguing the Dutch.
Comments (0)
Google: Black Hat or White Hat?
April 23, 2013 Added by:Larry Karisny
Google has a perfect opportunity to be a leader in cybersecurity. Google’s recent network -- and acquisitions and hires -- in Austin, Texas, is an opportunity to do security right the first time.
Comments (1)
Securing SCADA Systems - Why Choose Compensating Controls?
April 12, 2013 Added by:Eric Byres
This week, Eric looks at the pros and cons of using compensating controls as an alternative to patching, and discuss the requirements for success.
Comments (0)
Attack Vector Undefined: Dismantling ‘Defense in Depth’ through Power Grid.
April 12, 2013 Added by:Mikko Jakonen
Well, before COTS (Commercial Off The Shelve) came popular in military and other organizations thinking their security, this could have been avoided. Nowadays, very difficult. Even in trailers. You still need only one computer making possible to interact with others – in many different NETs existing :)
Comments (0)
Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure
April 09, 2013 Added by:Ben Rothke
In Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure, authors Eric Knapp and Raj Samani provide and excellent overview on what the smart grid is and how it can be secured.
Comments (1)
Making Patching Work for SCADA and Industrial Control System Security
April 05, 2013 Added by:Eric Byres
Applying patches is a critical part of good security. According to US-CERT, about 95% of all network intrusions could have been avoided by keeping systems up to date with appropriate patches. What I am against is patching as a knee-jerk reaction to security vulnerabilities. You can’t expect your control system to operate reliably if you don’t have a controlled process for patching.
Comments (0)
ICS-CERT Alerts of Mitsubishi MX SCADA Vulnerability
April 03, 2013 Added by:Steve Ragan
ICS-CERT has issued a warning this week after vulnerability details concerning Mitsubishi’s MX Component started to gain attention online.
Comments (0)
SCADA and ICS Security Patching: The Good, the Bad and the Ugly
March 26, 2013 Added by:Eric Byres
Let's examine the good, the bad and the ugly details of patching as a means to secure SCADA and ICS systems. And to begin, let’s suppose patches could be installed without shutting down the process...
Comments (1)
SCADA and ICS Security: Welcome to the Patching Treadmill
March 15, 2013 Added by:Eric Byres
After Stuxnet, security researchers and hackers on the prowl for new targets to exploit shifted their efforts to critical industrial infrastructure. Unfortunately, the SCADA and Industrial Control Systems applications they are now focusing on are sitting ducks.
Comments (0)
Symantec Uncovers Earliest Known Version of Stuxnet (Version 0.5)
February 26, 2013 Added by:Mike Lennon
According to Symantec, Stuxnet Version 0.5, an earlier and less sophisticated version of Stuxnet, was designed to close crucial valves that feed uranium hexafluoride gas into the centrifuges, causing serious damage to the centrifuges and the uranium enrichment system as a whole.
Comments (0)
APT1: The Good, The Bad, and The Ugly
February 21, 2013 Added by:Krypt3ia
I believe that Mandiant published the APT1 report primarily as a means of advertising and not much else. There is talk of the release being given the tacit nod by the government to push through the idea that there is a problem and that China is robbing us blind.
Comments (2)
iPhones Are Coming to the Plant Floor – Can we Secure Them?
February 20, 2013 Added by:Eric Byres
Like icebergs, mobile technology has become an unstoppable force of nature. They have invaded the corporate office – is the plant floor the next frontier? What is your company doing about mobile devices on the plant floor? Does it have a strategy?
Comments (0)
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform