Submitted by Eric Byres on Mon, 2013-01-28 21:00
January is the Cruelest Month
Submitted by Heather MacKenzie on Wed, 2013-01-09 10:37
Google gave interviews over the holidays discussing the top searches done by people in various countries in 2012 (Google Zeitgeist 2012). “Zeitgeist” is “spirit of the age or spirit of the time” and it is interesting to see that for the U.S. the top search for the year was for Whitney Houston, while in Germany it was for EM12 (European football championships) and in Australia it was for Gangnam Style.
Submitted by Laura Mattson on Wed, 2012-12-12 12:28
Early in 2012 Eric Byres wrote a blog article predicting what he thought would happen in 2012 with regard to SCADA and ICS security. I went back to his blog and highlighted the four main predictions he made. Then I asked him to rate himself on each one.
Submitted by Joann Byres on Tue, 2012-11-20 11:29
Submitted by Eric Byres on Wed, 2012-11-14 10:45
“Lacking extravagant IT budgets, automation systems also require cyber security systems that just work, with a minimum of human intervention.”
Submitted by Eric Byres on Thu, 2012-11-08 10:28
Who is responsible for fixing the thousands (some say 100,000) of vulnerabilities that exist in PLCs, DCS, RTUs and other automation devices that are in use in facilities around the world?
On the one hand, we have the position of Dale Peterson at Digital Bond. Dale ardently argues for (and takes) aggressive measures to pressure ICS vendors into making their products more secure. Through their 2012 Project Basecamp and subsequent disclosures, Digital Bond publicly released vulnerability details for a large number of controllers.
Submitted by Eric Byres on Tue, 2012-11-06 11:12
In last week's blog, Heather wrote an excellent summary of Mark Cooksley's network security presentation regarding "Why Industrial Networks are Different than IT Networks". In it she noted that the number one goal of ICS security is based on the concern for safety. This is spot-on in my opinion. However, there is more to consider when it comes to industrial security priorities…
Submitted by Heather MacKenzie on Wed, 2012-10-31 14:07
Previously we looked at the question of “Why are PLCs so insecure?” Today we are going to come at SCADA security from another angle, which is “Why is securing Industrial Networks different than securing IT Networks?” We will also look at three ways to address these differences.
Submitted by Heather MacKenzie on Thu, 2012-10-25 21:00
Ed. Note: This is a significant update to an article first published on Sept 25, 2012. The original article is available as a download in Related Links.
Submitted by David Alexander on Wed, 2012-09-19 21:00
To understand the problems faced by SCADA users, the team at Regency IT Consulting wanted to build a basic test rig. The goal with the rig was to help us understand the users’ challenges and to interact with the technology and protocols.
Submitted by eschweigert on Wed, 2012-09-12 15:23
Last week Eric Byres addressed the difference between SCADA, ICS and other jargon in our industry. This week I am going to address a question I am often asked: “Why are industrial networks so hard to secure?” This is a big topic, so today I will address only “Why are PLCs so Insecure?”
Submitted by Eric Byres on Wed, 2012-09-05 21:00
Recently I saw a posting on LinkedIn asking “What’s the difference between a SCADA system and an ICS system, and if there is no difference, then why do we have two different names?”
This is a good question, because unless you have worked in the industrial automation field for a few decades, the terminology can seem very confusing. Not only do we have SCADA versus ICS, we also have terms like Process Control, Discrete Control, Industrial Automation, Manufacturing Automation Systems, Distributed Control Systems, Energy Management Systems and so on.
Submitted by Eric Byres on Wed, 2012-08-29 13:46
Editor's Note: This is an updated version of this article, which was first published on June 14, 2011.
Submitted by thomas.nuth on Tue, 2012-08-14 10:06
Finding a way to determine the right level of investment in ICS and SCADA Security has been an ongoing challenge for industry. In an earlier article the Total Cost of Ownership approach for calculating investment level was described. Today I present another method called Value at Risk (VaR).
Submitted by Heather MacKenzie on Wed, 2012-08-01 21:00
Engineers as well as IT staff in the process control and SCADA industries have varying levels of knowledge about industrial cyber security. We come across this regularly when talking to people at industry events or speaking with customers or partners. To help you, no matter where you are in the learning curve, we have recently released a five-part video series.
This article summarizes the videos and provides you with direct access to them.
Submitted by ernest.hayden on Thu, 2012-07-26 12:54
Submitted by Eric Byres on Thu, 2012-07-05 11:17
Editor's Note: This is an updated version of this article, which was first published on June 30, 2011.
Recently I gave a talk focused on air gaps as a security strategy in control systems. The talk was at the AusCERT 2012 conference and to my amazement, it generated a large amount of discussion in the media both inside and outside Australia. Here are a few examples:
Submitted by Heather MacKenzie on Tue, 2012-06-26 21:00
Did Iran really detect a planned "massive cyber attack" against its nuclear facilities, as reported by Reuters last week? And, have they really “taken [the] necessary measures” to contain it?
Submitted by Eric Byres on Tue, 2012-06-05 21:00
The discovery of the Flame malware last week focused the cyber security world on the sophisticated strikes targeting energy companies in the Middle East. Although Flame’s goal was espionage rather than damaging operations as Stuxnet did, it has been seen as one more indication that the industrial world is now in the bull’s eye of clever attackers.
Submitted by Eric Byres on Tue, 2012-05-29 21:00
Over the weekend a new super worm exploded onto the cyber security landscape. Known as Flame or sKyWIper, it appears to be targeting sites in the Middle East, just like the Stuxnet and Duqu worms did. But what does it have to do with SCADA or ICS security? At this stage the answer appears to be nothing and…everything.