The big story of the week was Justin W. Clarke’s disclosure of an undocumented, remotely accessible backdoor to selected Ruggedcom equipment. But there were other stories.
We could link to a wide variety of articles on the US cybersecurity legislative efforts, but unless you find legislative machinations entertaining, they are not worth reading. This Congress will not pass legislation that would increase cybersecurity regulation on privately owned critical infrastructure. This Congress currently looks highly unlikely to pass legislation that will require information sharing in either the gov/private or private/gov direction. Patrick Coyle blogged that some minor legislation may be approved just so everyone can say they passed a cybersecurity bill.
The National Iranian Oil Company (NIOC) disclosed that their Kharg Island Oil Terminal control system was infected with a virus. There is no info on whether this was widespread or tailored malware, and the story is very odd. From the article – “computer systems controlling several of Iran’s oil facilities were disconnected from the Internet as a precaution” — they were connected to the Internet? Also, what owner/operator discloses they were hit to Reuters? Which may lead to the next story …
A Congressional hearing this week investigated the likelihood and capabilities of an Iranian cyber attack. Why would Iran be any different from any other country or organization developing an offensive cyber capability? Perhaps publicizing that they are under attack (Stuxnet, Stars, Duqu, Kharg Island), real and imagined, could be used as justification for an offensive capability.
Let’s end the week with a light story. MIT students hacked a campus building automation system and controlled the office lights to play a game of Tetris on the building.
Worth Reading Articles
- ARC Advisory Group article: Control System Security Center Against Cyber-Attacks Established in Japan
- Forbes article: What’s To Stop Hackers From Infecting Medical Devices?
- Dan Goodin’s article: Backdoor in mission-critical hardware threatens power, traffic-control systems
Critical Intelligence’s ICS Security Event Calendar Updates
- TCIPG Webinar Ground Truth Competency Assessment for Smart Grid Cyber Security, May 4
- Itron Webinar Securing AMI at BC Hydro, May 31
- Siemens Automation Summit Safety and Cyber Security Track, June 25 – 29 in Washington DC. DP Note: Joel Langill has a presentation on an “objective” analysis of the to-be-released SIMATIC S7 Communication Processor, which has authentication to address a key Stuxnet PLC vuln.
Critical Intelligence provides reports and other information products on Cyber Situational Awareness and Threat Intelligence services for Industrial Control System Owner/Operators, Vendors and Government stakeholders.