May 2011

Protecting your ICS from Zero-Day Attacks (plus Video)

Nowadays Stuxnet has become a household term the second anyone talks about cyber security for industrial control systems (ICS). This sophisticated piece of malware first identified in 2010, showed just how powerful an ICS compromise could be in terms of both the impact to manufacturing operations and the possibility of mechanical damage. Was this an isolated attack, unlikely to occur again, or the beginning of a new era in ICS security issues?

PLC Security Risk: Controller Operating Systems

Recently I was asked “How could a hacker possibly attack an industrial controller like a PLC or SIS, since there is no operating system in these devices?”

Now some manufacturers would like people to believe there is no operating system in a controller, but unfortunately this is not true. Every RTU, PLC, SIS or DCS controller on the market today has a commercial operating system in it. For example, here are just a few I have worked directly with in the past:

IF-MAP: A New Standard for SCADA Security that You Should Know About

Readers of this blog are familiar with the significantly increased level of threat to industrial control systems (ICS) that the Stuxnet malware and the publication of many SCADA zero-day vulnerabilities have created.

“Son-of-Stuxnet” - Coming Soon to a SCADA or PLC System Near You

In the past two months, the number of serious security vulnerabilities being reported in SCADA and ICS products has sky rocketed. In late March, I blogged about how Luigi Auriemma published 34 vulnerabilities (with free exploit code) for 4 popular HMI packages.