Items Tagged with "Industrial Control Systems"
November 21, 2011 Added by:Chris Blask
Monitoring of water treatment networks using common SIEM or log management tools offers the kind of capability that can address the need for visibility into control system behavior. The ICS networks found in water facilities are deterministic systems with highly predictable behavior...
November 21, 2011 Added by:Robin Jackson
Those who see concerted nation-state cyber attacks in every compromised system are like the little boy who cried "Stuxnet" whenever a control system is hacked and those who poo-poo the vulnerabilities that come to light are like the little pig who built his house of straw and said "I'm safe"...
November 18, 2011 Added by:Headlines
"No damage was done to any of the machinery; I don't really like mindless vandalism. It's stupid and silly. On the other hand, so is connecting interfaces to your SCADA machinery to the internet... This required almost no skill and could be reproduced by a two year old..."
November 18, 2011 Added by:Robert M. Lee
Information is still coming out on this event and the DHS has stated that they and FBI are still gathering information but believe none of the information so far indicates a risk to critical infrastructure. However, the concerns this incident raises are valid regardless...
November 16, 2011 Added by:Joel Langill
First, you need to expand your concept of an “embedded web server” beyond something that a user would use when launching a browser and entering a URL for the device. Vendors actually use embedded web servers for a number of reasons, and many of these vendors are leaders in the industry...
November 16, 2011 Added by:Headlines
"Utility cyber security is in a state of near chaos. After years of vendors selling point solutions, utilities investing in compliance minimums rather than full security, and attackers having nearly free rein, the attackers clearly have the upper hand..."
November 15, 2011 Added by:Brent Huston
One of the largest identified issues among the conversations at the symposium was the idea that cooperation and coordination between control network operators and engineers and their peers on the traditional business-oriented IT staff is difficult, if not nearly impossible...
November 08, 2011 Added by:Headlines
"As the rate of bolder, more sophisticated cyber attacks continues to spiral upward, ensuring data integrity and security has become increasingly challenging. By necessity, preventing unauthorized intrusion into critical systems has become a top priority..."
November 01, 2011 Added by:Headlines
“The findings of this survey are somewhat alarming, given recent attacks like Nitro and Duqu that have targeted critical infrastructure providers,” said Dean Turner, director, Global Intelligence Network for Symantec...
October 31, 2011 Added by:Headlines
"Both Duqu and Stuxnet are highly complex programs with multiple components. All of the similarities from a software point of view are in the "injection" component implemented by the kernel driver. The ultimate payloads of Duqu and Stuxnet are significantly different and unrelated..."
October 24, 2011 Added by:Joel Langill
On October 20, Gleg released version 1.7 of the SCADA+ Exploit Pack for the Immunity Canvas framework, though this time around, I do not see a lot of unique value in the code updates. Modules of interest in this release represent the bulk of the ICS/SCADA vulnerabilities disclosed in September...
October 24, 2011 Added by:Kelly Colgan
Duqu executes a reconnaissance mission by collecting design documents from an entity—critical industrial infrastructure components such as SCADA systems—to facilitate a future attack. It’s naïve to think we’re immune to these advanced cyberthreats, even with many layers of protection...
October 19, 2011 Added by:Ron Baklarz
The new malcode has so much in common with Stuxnet, it is purported to have been written by the authors. W32.Duqu's primary purpose is intelligence gathering by focusing on industrial control system manufacturers with likely intent on future attacks against targeted victims...
September 27, 2011 Added by:Headlines
The Department of Homeland Security's National Cyber Security Division (NCSD) has released a Software tool set to better enable organizations to examine risks to industrial control systems (ICS) and implement more secure protocols for protecting the nation's critical infrastructure...