SCADA Security

This Blog Has Migrated to Industrial Security at Belden.com

With the last post from Eric and Joann Byres below, this blog is now closed.  However, Belden continues to publish ICS security articles at the Industrial Security blog on Belden.com

Farewell from Tofino Security Founders Eric and Joann Byres

This blog is the last one from me as a member of the company that manufactures and sells Tofino Security products. Joann Byres (Tofino co-founder and Belden Vice President) and I are retiring from the Tofino Security group at Belden effective January 30, 2015.

Dragonfly Malware Targets ICS Systems

The age of malware specifically targeting industrial control systems (ICS) began in 2010 when Stuxnet was revealed to be disrupting operations at one of Iran’s nuclear enrichment facilities. Since that shock, we have seen advanced malware, such as Flame and Duqu, target energy companies for espionage purposes.

Making Security Simple with the Next Generation Tofino Cyber Security Solution

When I started Tofino Security in 2006, my two goals were to make industrial cyber security easy to deploy and better suited for the real needs of mission critical networks. Our first generation products went a long way in doing that, but like any initial offerings they reflected a limited feedback loop from users in the field.

Today I am proud to say that we have integrated lessons learned over the last eight years to deliver Tofino 2.0, our next generation of industrial cyber security solutions.

Tofino 2.0 is a suite of products and services that includes:

Is BYOD Security Really Concerned with Safety – or Is It All About Control?

If you are a regular follower of this blog, you’ve probably noticed that I haven’t been writing much in the past few months. I have simply been too busy, traveling and speaking at some really great security conferences.

How the Windows XP End of Support will Impact Industrial Applications - Part 1

Author Mike Miclot

Nobody likes the job of replacing a good team member when they retire. Yet, that is the job the manufacturing industry is faced with as a trusted component of the industrial application ecosystem steps down from active duty. That component is the Windows XP operating system (OS), a workhorse of a product that is pervasive in factories, energy facilities and many critical infrastructure systems around the world.

Upgrading Windows XP – Mitigate the Vulnerabilities Immediately Using an Industrial Firewall – Part 2

Author Mike Miclot

On the eve of April 8, Microsoft retired support for the Windows XP operating system (OS) – leaving millions of Windows XP users susceptible to accidental and deliberate security issues. Though the retirement had been long planned and with fair warning, industrial network users are just beginning to comprehend the ramifications.

Cyber Security for Water Systems – No Voodoo Required!

You have likely never worried about the possibility of a high school geek doing some programming that affects your home water quality. Well, neither had I until I learnt that some municipal networks have no security between the network their schools use and the one that runs their water/wastewater facility.

Easy-to-use Schneider ConneXium Tofino Firewall Advances SCADA Security

One of the major differences between industrial networks and enterprise networks is that industrial networks are typically managed by engineers or technicians. Now engineers are experts at making good product, designing control loops and so on, but they are not IT security wizards. That's the reality, and it means that security products that "just work" reliably and safely with automation systems are going to be more effective in actually delivering security than products that don't.

The Byres/Peterson Live Debate at S4x14

Dale Peterson and I have been debating ICS security in our blog posts for over a year now. This January, we took our debate live at the S4x14 conference in Miami, Florida. While Dale refers to me as a SCADA Apologist, I believe I am more of a SCADA Realist.

Jeff Smith’s Practical SCADA Security

Jeff Smith of American Axle & Manufacturing (AAM) is a guru in the world of industrial Ethernet networking and ICS Security. We were fortunate to have him speak again at the 2013 Belden Industrial Ethernet Infrastructure Design Seminar.

DNP3 Vulnerabilities Part 2 of 2 – Why DPI Firewalls Might be Industry’s Only Hope

In last week’s Practical SCADA Security blog, I discussed how the new vulnerabilities discovered in DNP3 SCADA masters are carving big holes in the NERC’s concept of the Electronic Security Perimeter (ESP).

DNP3 Vulnerabilities Part 1 of 2 - NERC’s Electronic Security Perimeter is Swiss Cheese

If you have been following SCADA news in the last month, you might have noticed an avalanche of reports and blogs on new security vulnerabilities in power industry equipment. So far, vulnerability disclosures for 9 products using the DNP3 protocol have been released by the ICS-CERT, with another 21 SCADA product disclosures on their way.

ISA Recognizes Eric Byres for Leadership in SCADA Security

Today I am glad to be writing about a good news story. That story is that Belden's Eric Byres is being awarded the ISA (International Society of Automation) Excellence in Leadership award for his contributions to the automation industry in the area of industrial security.

This award must be particularly exciting for Eric because it is ISA's most prestigious award and is awarded by his peers, that is, members of ISA.

ISA President Terrence G. Ives remarked:

Project SHINE: 1,000,000 Internet-Connected SCADA and ICS Systems and Counting

Eric Byres: One of the statements I continue to hear as I talk to executives, managers and engineers is "None of our SCADA or ICS equipment is accessible from the Internet." So this week’s blog contributor, Bob Radvanovsky, of www.infracritical.com, explains Project SHINE – his effort to determine if this statement is fact or fiction.

Shining a Light on a Big Problem

By Bob Radvanovsky

Enough Clucking – Start Fixing the SCADA Security Problem

In a recent blog article – Chicken, Egg, and Chicken Omelette with Salsa – Dale Peterson is squawking like a rooster. Nothing new, but this time his message is scrambled. He once again referred to me as a SCADA Apologist, though this time he also labeled me the “salsa” that accompanies a chicken omelette.

Securing Industrial Protocols – It Can Be Done

Recently there was a thread on SCADASEC news, a restricted access critical infrastructure mailing list, about the challenges of firewalling BACnet networks. If you only work in the industrial automation space, you may not have heard of this protocol, but it is big in building automation. Regardless, the discussion around BACnet applies to many industrial protocols.

Securing Offshore O&G Platforms - Advanced Threats need Advanced Firewalls

One of the industries major oil and gas trade shows, the Offshore Technology Conference (OTC) was held last month. Belden and Tofino Security had a very busy booth there, as both safety and security were hot topics with attendees. It is good to see that security is finally making the list of corporate priorities.

Now when engineers look at security, a topic they should know about is Deep Packet Inspection (DPI) and why offshore networks need to use it if they want to be secure.

Secure Industrial Networks with the Right Tools

Improving the cyber security of industrial networks is a challenge you may be facing.

On the one hand your manufacturing processes probably use devices such as PLCs (programmable logic controllers) and DCS (distributed control systems) that were designed with a focus on reliability and safety rather than security. On the other hand your industrial networks are already, or soon will be, connected to your company’s enterprise networks and migrated to Ethernet.

SCADA and ICS Cyber Security: Facing the Facts

Our last blog, contributed by Thomas Nuth, highlighted the fact that industrial cyber security is now being discussed by heads of state within the international community - the Executive Order – Improving Critical Infrastructure Cybersecurity signed by President Obama in February of this year being just one indication of the importance being attached to th

Pages

Subscribe to RSS - SCADA Security