March 2013

SCADA Security: Phishing Season is Open

Last week I received am email (shown further down on this page) purporting to be from the US Internal Revenue Service (IRS).

SCADA Security: Welcome to the Patching Treadmill

As regular readers of this blog know, after Stuxnet, security researchers and hackers on the prowl for new targets to exploit shifted their efforts to critical industrial infrastructure.

Unfortunately, the Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS) applications they are now focusing on are sitting ducks.

Patching for SCADA and ICS Security: The Good, the Bad and the Ugly

In my last blog, I discussed the reasons why critical industrial infrastructure control systems are so vulnerable to attacks from security researchers and hackers, and explained why patching for such systems is not a workable solution.