Items Tagged with "Infrastructure"


E313765e3bec84b2852c1c758f7244b6

Remember Public Cellular Networks in Smart Meter Adoption

April 26, 2012 Added by:Brent Huston

ICS/SCADA owners must strive to clearly identify their needs around cellular technologies, clearly demarcate the requirements for private/segmented/public cellular network use and understand the benefits/issues and threats of what they are utilizing...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Congressional Testimony Rings Cybersecurity Alarm Bells

April 25, 2012 Added by:Headlines

"Every day nations and 'hacktivist' groups penetrate our public and private computer networks. The degradation of our national security and intellectual property from cyber theft threatens to weaken us where we have been historically strong: in our ingenuity and creativity..."

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Social Engineering and SCADA Security

April 24, 2012 Added by:Infosec Island Admin

Social engineering attempts can be highly targeted and conducted in a way that is much more difficult to detect than the spam and phishing emails we receive in our inbox. Phone-based social engineering attempts were recently experienced at two or more power distribution companies...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Siemens Simatic WINCC Multiple Vulnerabilities

April 20, 2012 Added by:Infosec Island Admin

ICS-CERT has received reports detailing several vulnerabilities in Siemens SIMATIC WinCC Human-Machine Interface application which could allow an attacker to log on to a system as a user or administrator with the ability to execute arbitrary code or obtain full access to files...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Siemens Scalance X Industrial Ethernet Vulnerability

April 18, 2012 Added by:Infosec Island Admin

Exploitation of the vulnerability allows an attacker to perform malicious actions which may lead to a denial of service condition or possible arbitrary code execution. These actions may ultimately impact the process environment in which the system is deployed...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

NIST Workshop: Cybersecurity for Cyber-Physical Systems

April 18, 2012

On April 23 and 24, 2012, the NIST ITL Computer Security Division will host a two-day workshop about the cyber security needed for cyber-physical systems, with a focus on results of research and real-world deployment experiences. Agenda and abstracts available here...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Iranian Bank Accounts Hacked: A Cyber Warfare Hypothesis

April 17, 2012 Added by:Pierluigi Paganini

Banking is a vital component of a country, it is considered in every cyber strategy as critical infrastructure. If a country is attacked so that its financial institutions fail it would produce an environment for other cyber and military operations, a typical cyberwar scenario...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

All the Lights Will Not Go Out in a Cyber Attack

April 17, 2012 Added by:Dan Dieterle

One of the biggest threats that you hear is that hackers could take out the power grid and all the power would be shut off. America would be thrown back to the power stone age in the flick of a switch (or a series of SCADA exploits). But is this true? The answer is no...

Comments  (5)

A966b1b38ca147f3e9a60890030926c9

Information Sharing and the ICS-ISAC

April 15, 2012 Added by:Chris Blask

The topic of information sharing has become one of the most interesting in finding “The Solution” to ICS security. Aspects securing industrial control systems – including timing, technology and workforce – suggest that answers lie less in technology and more in Robert’s Rules...

Comments  (2)

03b2ceb73723f8b53cd533e4fba898ee

Botnets a Growing National Security Concern

April 13, 2012 Added by:Pierluigi Paganini

There is no clear line between cybercrime and cyber warfare, and botnets are a serious threat with tremendous offensive potential. Through a botnet it is possible to attack the nerve centers of a country, and isolated attacks can target critical infrastructure...

Comments  (1)

201d6e4b7cd0350a1a9ef6e856e28341

Misconceptions about Aurora: Why Isn't More Being Done

April 13, 2012 Added by:Joe Weiss

The 2007 Aurora test at the Idaho National Laboratory demonstrated that if someone can gain access to a controller, the attacker will cause physical damage. As Aurora is a gap in protection of the electric grid, one way to prevent an Aurora attack is by hardware mitigation...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: MICROSYS PROMOTIC Vulnerability POC

April 13, 2012 Added by:Infosec Island Admin

Researcher Luigi Auriemma identified and released proof of concept code (POC) for a use after free vulnerability in the MICROSYS, spol. s r.o. PROMOTIC application wgich may result in adverse conditions ranging from the corruption of valid data to the execution of arbitrary code...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Cyber Security Legislation: What Does it Mean for Citizens?

April 12, 2012 Added by:Robert Siciliano

Members of Congress have recognized the need for increased security and introduced approximately fifty bills in the last session. The proposed legislation is focused on improving cyber security for citizens, critical infrastructure, and the Federal Government’s own networks...

Comments  (1)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: 3S-Software CoDeSys Improper Access Control

April 10, 2012 Added by:Infosec Island Admin

ICS-CERT is aware of a public report of improper access control vulnerability affecting 3S-Software CoDeSys which could allow an attacker can upload unauthenticated configuration changes to the PLC which may include arbitrary code...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Video: Cyber Security for Smart Energy Systems

April 09, 2012

Chris Wysopal discusses why it is so important to the power grid to write secure code for software, how computer intrusion methods have changed in over past two decades, the impact of data breaches on modern organizations, and the necessity for thorough testing prior to launch...

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

Meetings with DOD and Congress on SCADA Security

April 09, 2012 Added by:Joe Weiss

I was asked by DOD how to get an organization to address OT security. The only chance for OT security to succeed is if senior management drives it. There are only a few utilities whose senior management mandated they be secure not just compliant. What a sorry commentary...

Comments  (1)

Page « < 3 - 4 - 5 - 6 - 7 > »