SCADA
Industrial Data Compromise – the New Business Risk
Posted by Frank Williams on Jan 11 2012Today is the day that Tofino Security is announcing that I have joined their team. I am very excited about this, particularly because I believe that industrial cyber security is the next major impactful technology to hit the automation industries.
© Tofino Security 2013 | All Rights Reserved | Tofino Security is a Belden Brand
Schneider Vulnerabilities: Where are the ICS/SCADA End Users?
Posted by Eric Byres on Dec 16 2011On December 12, Rubén Santamarta publicly announced details of multiple vulnerabilities affecting the Schneider Electric Quantum Ethernet Module.
© Tofino Security 2013 | All Rights Reserved | Tofino Security is a Belden Brand
The Italian Job – Multiple SCADA / ICS Vulnerabilities Go Public
Posted by Eric Byres on Mar 23 2011Selling the concept of security for SCADA and ICS might still be struggling, but publishing vulnerabilities for SCADA and ICS equipment seems to be a growth industry.
Thirty-Four SCADA Product Vulnerabilities
© Tofino Security 2013 | All Rights Reserved | Tofino Security is a Belden Brand
ISA99 Stuxnet Gap Assessment – Why It’s Important
Posted by Eric Byres on Mar 09 2011Last week the International Society of Automation (ISA) announced that a new committee, ISA99 WG5 TG2, has been struck to conduct a gap analysis of the current ANSI/ISA-99 standards with respect to Stuxnet. The goal is to determine if companies following the standards would have been protected from advanced persistent threats (APTs) such as Stuxnet.
© Tofino Security 2013 | All Rights Reserved | Tofino Security is a Belden Brand
A Nasty New World of Cyber Threats for ICS and SCADA Security
Posted by Eric Byres on Feb 18 2011February has not been a good month for ICS and SCADA security, at least not if you want to feel secure.
Vendor Vulnerability Reports
© Tofino Security 2013 | All Rights Reserved | Tofino Security is a Belden Brand
The Amazing Mr. Stuxnet
Posted by Eric Byres on Sep 23 2010Week after week, the Stuxnet worm continues to amuse and astound all of us that have studied it. Last week it was Ralph Langner’s detailed analysis that showed Stuxnet wasn’t just infecting Windows boxes and stealing data, it was specifically designed to modify PLC logic so it could destroy a physical process.
© Tofino Security 2013 | All Rights Reserved | Tofino Security is a Belden Brand
Stuxnet - I was wrong
Posted by Eric Byres on Sep 17 2010Back in July when Stuxnet first became public, I wrote in our Siemens PCS7 WinCC Malware White Paper and told anyone that would listen that Stuxnet was targeted at stealing intellectual property from process systems.
© Tofino Security 2013 | All Rights Reserved | Tofino Security is a Belden Brand
Passwords: Real Bad Security (But We Have To Live With Them)
Posted by Eric Byres on Aug 31 2010One of the best things about the whole Stuxnet worm fiasco is that it has brought one of the biggest security issues – the use and abuse of passwords – into focus.
© Tofino Security 2013 | All Rights Reserved | Tofino Security is a Belden Brand
Sample ICS Security Incident: Hackers Shut Down Crude Oil Loading Terminal For 8 Hours
Posted by Scott Howard on Aug 17 2010We had a request recently from a reader to provide an example of a malicious attack by outsiders on a control system, how it was done, and what impact it had on the plant and the owner. This is surprisingly tough to do, because according to RISI the vast majority of security incidents are internal and/or accidental in nature.
© Tofino Security 2013 | All Rights Reserved | Tofino Security is a Belden Brand
Why Stuxnet Affects All Windows Systems
Posted by Eric Byres on Aug 11 2010If you have been reading the various advisories on the Stuxnet malware, you would be forgiven for thinking that only computers running relatively new versions of the Windows systems are vulnerable to this worm.
© Tofino Security 2013 | All Rights Reserved | Tofino Security is a Belden Brand
