We covered the big stories of the week, Siemens announcement, Flame and the NY Times article in earlier entries. Here is what else happened.
Emerson DeltaV vulnerabilities made an ICS-CERT Alert this week. This is noteworthy because DeltaV is not some free demo software used in low value targets. It is one of the most important DCS in the critical infrastructure. You rarely see vulnerabilities published in DeltaV because it is a closed system, Emerson provides it all, and it is very expensive so researchers can’t get access without signing NDA’s. The multiple vulnerabilities, found by Kuang-Chun Hung, can be exploited remotely. Kuang-Chun worked with the CERT’s and Emerson, and a hotfix is available to address these vulnerabilities.
Paul Roberts of Threatpost has a helpful summary article on ICS-CERT’s Cyber Intrusion Mitigation Strategies document that came out last Friday. Anything that shines a light on better detection and forensics is worthwhile at this point. It still is the infancy stage in the ICS community.
Tweet of the Week
Worth Reading Articles
- Mikko Hypponen in Wired: Why Antivirus Companies Like Mine Failed to Catch Flame and Stuxnet DP Note – Pull quote “The truth is, consumer-grade antivirus products can’t protect against targeted malware created by well-resourced nation-states with bulging budgets. They can protect you against run-of-the-mill malware: banking trojans, keystroke loggers and e-mail worms.”
- NY Times article: Obama Order Sped Up Wave of Cyberattacks Against Iran
- Press Release: Siemens Enhances Security of Industrial Networks Through Integrated Security Functions
- Errata Security Blog: Bogus story: no Chinese backdoor in military chip
Critical Intelligence’s ICS Security Event Calendar Updates
- ICS Security Presentations at ISA POWID, June 5-6 in Austin, Texas
- ENISA Workshop Security Certification of Smart Grid Components, June 27-28 in Brussels, Belgium DP Note: The German and UK Certification schemes will be discussed.
- ISA Security Training, Introduction to Industrial Automation Security and the ANSI/ISA99 Standards, Sept 24 in Orlando, Florida
Critical Intelligence provides reports and other information products on Cyber Situational Awareness and Threat Intelligence services for Industrial Control System Owner/Operators, Vendors and Government stakeholders.
Image by Ivy Dawned