Items Tagged with "ICS"


The Need for Improved Critical Infrastructure Protection

June 13, 2012 Added by:William Mcborrough

Tackling the problem of critical infrastructure protection will take concerted efforts from the public and private sectors. An appropriate governance structure is needed to avoid the inevitable over-reaction that will follow the inevitable catastrophic attack against our critical infrastructure...

Comments  (4)


SCADA Security: Consequences and Difficulty with Incentives

May 18, 2012 Added by:Rafal Los

Here's the problem - when it comes to critical infrastructure protection it's very difficult to legislate and regulate the organizations that matter into a state of better security. The problem is that in order to enforce policy and rules there either have to be consequences to failing, or incentives not to fail - or both...

Comments  (0)


DHS: Industrial Control Systems Threats Increasing

May 03, 2012 Added by:Headlines

“We pay particular attention to industrial control systems. We’re seeing a troubling increase in the threats and the vulnerabilities associated with those. But we are making progress on that, I think,” DHS deputy undersecretary for cybersecurity Mark Weatherford said...

Comments  (0)


Are ICS Vendors Really to Blame for Insecure Systems?

April 27, 2012 Added by:Joe Weiss

The implication is that vendors aren’t interested in securing their legacy products. I do know that many ICS vendors supporting the electric industry are frustrated because the utilities may not be required to actually secure these systems to be NERC CIP compliant...

Comments  (0)


ICS-CERT: RuggedCom Weak Cryptography Vulnerability

April 27, 2012 Added by:Infosec Island Admin

ICS-CERT is aware of a public report of a default backdoor user account with a password with trivial encoding affecting RuggedCom RuggedSwitch and RuggedServer devices using Rugged OS. The vulnerability is exploitable by generating a password from known data about the device...

Comments  (0)


LIGHTS: Addressing Cybersecurity for Smaller Facilities

April 26, 2012

Watch the roundtable launch of the LIGHTS program from April 24. LIGHTS Chair Chris Blask opens with a presentation on major issues facing industrial facilities, then is joined by Energysec's Steve Parker, Joel Langill a.k.a. SCADAHacker, and AWWA's Kevin Morley and Gary Sturdavan...

Comments  (1)


Remember Public Cellular Networks in Smart Meter Adoption

April 26, 2012 Added by:Brent Huston

ICS/SCADA owners must strive to clearly identify their needs around cellular technologies, clearly demarcate the requirements for private/segmented/public cellular network use and understand the benefits/issues and threats of what they are utilizing...

Comments  (0)


ICS-CERT: What does a Cyber Attack Feel Like?

April 26, 2012 Added by:Infosec Island Admin

The free ICS Advanced Cybersecurity training offers step-by-step guidance on network discovery, exploitation, defense, and detection. After the 3 full days of classroom instruction participants are armed with an arsenal of cyber attack and defense tools and techniques...

Comments  (0)


NIST Workshop: Cybersecurity for Cyber-Physical Systems

April 18, 2012

On April 23 and 24, 2012, the NIST ITL Computer Security Division will host a two-day workshop about the cyber security needed for cyber-physical systems, with a focus on results of research and real-world deployment experiences. Agenda and abstracts available here...

Comments  (0)


All the Lights Will Not Go Out in a Cyber Attack

April 17, 2012 Added by:Dan Dieterle

One of the biggest threats that you hear is that hackers could take out the power grid and all the power would be shut off. America would be thrown back to the power stone age in the flick of a switch (or a series of SCADA exploits). But is this true? The answer is no...

Comments  (5)


Information Sharing and the ICS-ISAC

April 15, 2012 Added by:Chris Blask

The topic of information sharing has become one of the most interesting in finding “The Solution” to ICS security. Aspects securing industrial control systems – including timing, technology and workforce – suggest that answers lie less in technology and more in Robert’s Rules...

Comments  (2)


Cybersecurity Problems Found in Electrical Infrastructure

April 07, 2012 Added by:Joel Harding

DOE is in charge of locating and fixing critical infrastructure problems within the energy sector. Do they, in turn, report to DHS if it has to do with critical infrastructure? Does DHS oversee DOE’s cybersecurity problems, their critical infrastructure problems or...?

Comments  (2)


NIST Workshop on SCADA - ICS Security

April 05, 2012 Added by:Headlines

Securing against unlawful and malicious attacks is especially vital when the computers control major physical systems—manufacturing plants, transportation systems, power grids. Cybersecurity for physical systems is the topic of an upcoming NIST workshop...

Comments  (0)


ICS-CERT: Invensys Wonderware Server Multiple Vulnerabilities

April 04, 2012 Added by:Infosec Island Admin

Researchers have identified multiple vulnerabilities in the Invensys Wonderware Information Server which if exploited could allow denial of service, information disclosure, remote code execution, or session credential high jacking. Invensys has developed a security update...

Comments  (0)


ICS-CERT: Invensys Wonderware Buffer Overflow Vulnerability

April 02, 2012 Added by:Infosec Island Admin

Researchers identified two buffer overflow vulnerabilities in the WWCabFile component of the Wonderware System Platform, and successful exploitation of these vulnerabilities will cause a buffer overflow that may allow remote code execution...

Comments  (0)


What is Aurora and Why is it a Risk to Grid Reliability?

March 29, 2012 Added by:Joe Weiss

Aurora is a gap in the protection of the electric grid. It is a basic physics property - an out-of-phase condition that cannot be seen by the operator and can NOT be addressed by traditional mitigation. The only means to prevent an Aurora event is by physical hardware mitigation...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »