tofino security

Happy Holidays 2012 from the SCADA Security Experts

One of the pleasures of the Holiday Season is the opportunity to say "thank you" for being part of our SCADA security community over the last year. We very much appreciate your readership and the stimulating dialogue that results from it.

The team at Tofino Security sends you and your family warm thoughts and best wishes for a wonderful Holiday, and a very Happy New Year.

Happy Holidays from the SCADA Security Experts

The team at Tofino Security wishes you a very happy holiday season and a New Year filled with peace and prosperity.

Tofino Security Team Winter Image 2012

Our next blog article will be published the week of Jan 2nd.

Have a safe, fun and happy holiday!

Byres Security Acquired by Belden: Message from the Founders

Today is a big news day for Byres Security Inc. (BSI), as we are announcing that our company has been acquired by Belden Inc.

We (Joann Byres and Eric Byres) are writing this article to let you know what the future has in store for us, and for our company.

What will stay the same?

Byres Security Inc. will run as an independent business unit under Belden, and the Tofino Security brand will remain the same.

BSI will continue:

Using Tofino Security to Control Stuxnet - New Application Note

One of the three pathways Stuxnet uses to infect other computers is via the Local Area Network communications inside the control system (the other two are via infected USB drives and via infected Siemens project files).

This blog post addresses how to restrict network-driven infections using the Tofino Industrial Security Solution as the example product for mitigation. Tofino is our own product, so you know where my bias is.  However, no matter what technology is deployed, the concepts I will talk about are the same.

Stuxnet Mitigation Matrix Updated

Stuxnet Mitigation Matrix Updated
 
This is a short note to let you know that we have updated our Stuxnet Mitigation Matrix to version 1.1, based on feedback from our readers.
 
The new version addresses the need to test and/or confirm all mitigations, including firewalling the Remote Procedure Call (RPC) protocol.

Stuxnet Mitigation Matrix

Our goal with this blog is to provide you with practical information to help you avoid network incidents that disrupt operations.

With this in mind, today we are releasing a Stuxnet Mitigation Matrix that presents easy-to-follow actions to take against Stuxnet.

PDF Stuxnet Mitigation Matrix by Tofino Security is a printable version of the mitigation matrix that includes dynamic links to detailed information on each of the patches and mitigations.

No Silver Bullet for Stuxnet / Siemens WinCC Malware - White Paper

Last week, Rick Kaun in his blog “[In]security Culture”, blasted the “security vendors” who were claiming that if the ICS/SCADA world used their offering, we would have avoided the whole Stuxnet mess. As Rick very correctly points out, this is complete rubbish - there is no silver bullet for security in general, but in the Stuxnet case it is dangerously inaccurate.

Using Modbus PLC's? Here's How To Protect Them

Last week I wrote about a malicious attack on an industrial control system (ICS) initiated by outsiders. This week I'll discuss a PLC accident caused by an insider, and suggest some possible solutions for both of these incidents.

Subscribe to RSS - tofino security