ICS Security News

I recorded the first edition of our new podcast Unsolicited Response this week. Some months will have 1, 2 or 3 podcasts; others will have 0. It will be out on Tuesday and hope you like it as much as the previous This Month In Control System Security.

Justin W. Clarke, now with Cylance, demonstrates how he hacked GarrettCom and RuggedCom in a one hour recorded webinar. Perhaps we need to start a Worth Watching section.

INL’s Sophia Fingerprinting Tool is now available for licensing. As mentioned in an earlier Friday News & Notes, this product identifies new communication on the network. It is aimed at ICS networks, but the same capability exists in Tenable’s Security Center, WhatsUp Gold’s FlowPublisher, and many other tools. Will INL get any takers to pay for this technology license? If not, will they release it as open source?

The Honeynet Project has put up a realtime global visualization map that displays the origination location of attacks on monitored Honeypots. It’s anecdotal evidence at this point with most of the data coming from a single Honeypot assigned a large address space.

The winner of NIST’s Secure Hash Algorithm 3 (SHA-3) is Keccak. One of the unexpected outgrowths of the contest is the SHA-2 seems to be more secure than what many experts thought 5 years ago. Bruce Schneier applauded the choice because SHA-3 will be very different than SHA-2.

SANS named the Top Cyber Security Journalist Award Winners this week, and it included frequent SCADA security writers Kim Zetter, Dan Goodin and Kelly Jackson Higgins. The recognition is well deserver.

Tweet of the Week

[blackbirdpie id=”254219934312321026″]

Don’t forget to subscribe to this blog RSS feed and follow @digitalbond.com on twitter.

Worth Reading Articles

  • Microsoft Security Blog: The Threat Landscape in the Middle East: Part 3 Israel and Saudi Arabia
  • Bob Lockhart of PikeResearch: In Smart Grid Cyber Security, It’s Still Groundhog Day

Critical Intelligence’s ICS Security Event Calendar Updates

  • ISA training Advanced Industrial Cybersecurity, March 18-22 in Research Triangle Park, North Californis
  • ISA training Advanced Industrial Cybersecurity, April 22-25 in Burbank, California

Critical Intelligence provides reports and other information products on  Cyber Situational Awareness and Threat Intelligence services for Industrial Control System Owner/Operators, Vendors and Government stakeholders.

Image by Banalities