Items Tagged with "SCADA"


69dafe8b58066478aea48f3d0f384820

Security Investment to Focus on Utility Control Systems

October 18, 2011 Added by:Headlines

“Unfortunately, one thing has not changed. Cyber security is still way behind the attackers. Even where strong countermeasures exist, they are not consistently deployed, and most sophisticated attackers look at smart grids from a systemic perspective..."

Comments  (0)

8b5e0b54dfecaa052afa016cd32b9837

Logical Fallacies and the SCADA Security Problem

October 14, 2011 Added by:Craig S Wright

What is at stake is the loss of life and property that will result from compromised SCADA systems. Not just PLCs as the opponents of this position like to presuppose, but Windows XP and other systems that act as controllers. You think this does not occur? Well there you are wrong...

Comments  (3)

7fef78c47060974e0b8392e305f0daf0

Stuxnet, SCADA, Nation State Terrorism and FUD

October 13, 2011 Added by:Infosec Island Admin

With the advent of the “smart” grid, this might in fact make it easier to have a larger percentage of failure within the system itself. Everything being tied together this way and monitored will only serve to make the system more susceptible to a single point of failure...

Comments  (2)

69dafe8b58066478aea48f3d0f384820

More Zero Day Vulnerabilities in SCADA Systems

October 12, 2011 Added by:Headlines

SCADA systems provide operations control for critical infrastructure and production networks including manufacturing facilities, refineries, hydroelectric and nuclear power plants. The vulnerabilities Auriemma discovered could allow remote execution of malicious code by attackers...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

HBGary CEO Hoglund: China is Top Threat to Security

October 12, 2011 Added by:Headlines

"China. There's a kind of cyber Cold War going on right now. I see it every day. The trouble, he says, is that few are willing to admit it. Most security companies won't come out and say it. The [US] government won't seem to out them for what they're doing either..."

Comments  (0)

8b5e0b54dfecaa052afa016cd32b9837

Network Security and Mandatory Disclosure

October 10, 2011 Added by:Craig S Wright

Security disclosures can have an impact on a company’s share price. Some organisations actually have no economic impact from a breach. For others, the effect is catastrophic. But, security through obscurity is simply false security and leaves us vulnerable with no way to measure the true risk...

Comments  (2)

69dafe8b58066478aea48f3d0f384820

DHS Releases Cyber Security Evaluation Tool (CSET)

September 27, 2011 Added by:Headlines

The Department of Homeland Security's National Cyber Security Division (NCSD) has released a Software tool set to better enable organizations to examine risks to industrial control systems (ICS) and implement more secure protocols for protecting the nation's critical infrastructure...

Comments  (0)

8b5e0b54dfecaa052afa016cd32b9837

SCADA: Air Gaps Do Not Exist

September 26, 2011 Added by:Craig S Wright

There are a multitude of systems that simply need to be crashed, not controlled using an automated tool without human interaction. A human with control of a RAT does not need to write a variant for each system. They simply need to take control of the underlying operating system...

Comments  (1)

7fef78c47060974e0b8392e305f0daf0

STUXPOCALYPSE and FUDDERY

September 25, 2011 Added by:Infosec Island Admin

In order to have the “mass casualties” scenario, Stuxnet variants would have to be as varied as the number of makers of PLC systems out there. Just as the actual payload file to make a fire sale scenario happen would geometrically increase to have to become its own form of bloatware...

Comments  (0)

8b5e0b54dfecaa052afa016cd32b9837

FACT CHECK: SCADA Systems Are Online Now

September 23, 2011 Added by:Craig S Wright

Nearly all SCADA systems are online. The addition of a simple NAT device is NOT a control. Most of these systems are horribly patched and some run DOS, Win 95, Win 98 and even old Unixs. Some are on outdated versions of VMS. One I know of is on a Cray and another is on a PDP-11...

Comments  (20)

7fef78c47060974e0b8392e305f0daf0

Stuxpocalypse: Hide Your Women and Children!

September 23, 2011 Added by:Infosec Island Admin

Sure, there are many systems out there running PLC’s and they are likely vulnerable to any number of attacks. However, can you please look back and see how long it actually took persons unknown to create the Stuxnet attack, and breathe a little before you go crying to the likes of the Monitor?

Comments  (13)

69dafe8b58066478aea48f3d0f384820

Original Stuxnet Researcher Issues Dire Warnings

September 23, 2011 Added by:Headlines

"After Stuxnet was identified as a weapon, we recommended to every asset owner in America – owners of power plants, chemical plants, refineries and others – to make it a top priority to protect their systems... That wakeup call lasted about a week. Thereafter, everybody fell back into coma..."

Comments  (2)

7fef78c47060974e0b8392e305f0daf0

Webinar: Cybersecurity for Electrical Cooperatives

September 21, 2011 Added by:Infosec Island Admin

Free Webinar: NESCO is charged by the DoE with providing information on collaboration, tactical awareness, rapid notification, forensics and applied research. Steve Parker, NESCO Lead, will be hosting the session along with AlienVault's Chris Blask and Trusted Metrics' Michael Menefee...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Researcher Discovers New SCADA Vulnerabilities

September 19, 2011 Added by:Headlines

"Finding zero-day (previously unknown holes) in SCADA software is like nuking fish in a barrel. People purchasing these systems need to push back on suppliers and ask them what they are doing to secure the system before selling it to customers," said Chris Wysopal, CTO for Veracode...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

U.S. - E.U. Collaborate on Smart Grid Standards

September 14, 2011 Added by:Headlines

"The potential benefits of Smart Grids are enormous, they can only be fully reached if we can all agree on global solutions. It is promising to see that NIST and SG-CG will be supporting common positions and areas of collaboration to ensure a consistent set of international standards..."

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Cybersecurity for Electrical Cooperatives - A Webinar

September 12, 2011 Added by:Infosec Island Admin

Free Webinar: NESCO is charged by the DoE with providing information on collaboration, tactical awareness, rapid notification, forensics and applied research. Steve Parker, NESCO Lead, will be hosting the session along with AlienVault's Chris Blask and Trusted Metrics' Michael Menefee...

Comments  (0)

Page « < 18 - 19 - 20 - 21 - 22 > »