Blog Posts Tagged with "Industrial Control Systems"


ICS-CERT and FBI Statements on Water System Attacks

November 22, 2011 Added by:Headlines

ICS-CERT has not received any additional reports of impacted manufacturers of ICS or other ICS related stakeholders related to these events... any information about possible impacts to additional entities, it will disseminate timely mitigation information as it becomes available...

Comments  (0)


ICS Cybersecurity: Water, Water Everywhere

November 21, 2011 Added by:Chris Blask

Monitoring of water treatment networks using common SIEM or log management tools offers the kind of capability that can address the need for visibility into control system behavior. The ICS networks found in water facilities are deterministic systems with highly predictable behavior...

Comments  (4)


Getting Smacked in the Face Over TCP

November 21, 2011 Added by:Robin Jackson

Those who see concerted nation-state cyber attacks in every compromised system are like the little boy who cried "Stuxnet" whenever a control system is hacked and those who poo-poo the vulnerabilities that come to light are like the little pig who built his house of straw and said "I'm safe"...

Comments  (0)


South Houston's Water Supply Network Hacked

November 18, 2011 Added by:Headlines

"No damage was done to any of the machinery; I don't really like mindless vandalism. It's stupid and silly. On the other hand, so is connecting interfaces to your SCADA machinery to the internet... This required almost no skill and could be reproduced by a two year old..."

Comments  (0)


US Water System Hacked: A Community-Wide Issue

November 18, 2011 Added by:Robert M. Lee

Information is still coming out on this event and the DHS has stated that they and FBI are still gathering information but believe none of the information so far indicates a risk to critical infrastructure. However, the concerns this incident raises are valid regardless...

Comments  (3)


Are Web Services a Dumb Idea?

November 16, 2011 Added by:Joel Langill

First, you need to expand your concept of an “embedded web server” beyond something that a user would use when launching a browser and entering a URL for the device. Vendors actually use embedded web servers for a number of reasons, and many of these vendors are leaders in the industry...

Comments  (0)


Utility Cyber Security is in a State of Near Chaos

November 16, 2011 Added by:Headlines

"Utility cyber security is in a state of near chaos. After years of vendors selling point solutions, utilities investing in compliance minimums rather than full security, and attackers having nearly free rein, the attackers clearly have the upper hand..."

Comments  (0)


Thoughts on the Ohio SCADA Security Symposium

November 15, 2011 Added by:Brent Huston

One of the largest identified issues among the conversations at the symposium was the idea that cooperation and coordination between control network operators and engineers and their peers on the traditional business-oriented IT staff is difficult, if not nearly impossible...

Comments  (0)


IEEE Addresses SCADA Security Standard Challenges

November 08, 2011 Added by:Headlines

"As the rate of bolder, more sophisticated cyber attacks continues to spiral upward, ensuring data integrity and security has become increasingly challenging. By necessity, preventing unauthorized intrusion into critical systems has become a top priority..."

Comments  (0)


Symantec: Critical Infrastructure Protection Declines

November 01, 2011 Added by:Headlines

“The findings of this survey are somewhat alarming, given recent attacks like Nitro and Duqu that have targeted critical infrastructure providers,” said Dean Turner, director, Global Intelligence Network for Symantec...

Comments  (0)


Analysis: Duqu Trojan is Not on Par with Stuxnet

October 31, 2011 Added by:Headlines

"Both Duqu and Stuxnet are highly complex programs with multiple components. All of the similarities from a software point of view are in the "injection" component implemented by the kernel driver. The ultimate payloads of Duqu and Stuxnet are significantly different and unrelated..."

Comments  (0)


Gleg releases Ver 1.7 of the SCADA+ Exploit Pack

October 24, 2011 Added by:Joel Langill

On October 20, Gleg released version 1.7 of the SCADA+ Exploit Pack for the Immunity Canvas framework, though this time around, I do not see a lot of unique value in the code updates. Modules of interest in this release represent the bulk of the ICS/SCADA vulnerabilities disclosed in September...

Comments  (0)


Stuxnet, Duqu Take Malware to Next Level of Cyberwarfare

October 24, 2011 Added by:Kelly Colgan

Duqu executes a reconnaissance mission by collecting design documents from an entity—critical industrial infrastructure components such as SCADA systems—to facilitate a future attack. It’s naïve to think we’re immune to these advanced cyberthreats, even with many layers of protection...

Comments  (0)


W32.Duqu - Harbinger of the Next Stuxnet?

October 19, 2011 Added by:Ron Baklarz

The new malcode has so much in common with Stuxnet, it is purported to have been written by the authors. W32.Duqu's primary purpose is intelligence gathering by focusing on industrial control system manufacturers with likely intent on future attacks against targeted victims...

Comments  (1)


DHS Releases Cyber Security Evaluation Tool (CSET)

September 27, 2011 Added by:Headlines

The Department of Homeland Security's National Cyber Security Division (NCSD) has released a Software tool set to better enable organizations to examine risks to industrial control systems (ICS) and implement more secure protocols for protecting the nation's critical infrastructure...

Comments  (0)

Page « < 10 - 11 - 12 - 13 - 14 > »