ICS Security News

For the second week we have a story that dwarfed all others and led to a flurry of mainstream press interest — of course it is Mandiant’s Whitepaper on APT1. The related inside-baseball story I’m waiting for is how much all of this has been coordinated with the USG, Mandiant and NY Times. Coordination isn’t bad or wrong in a pursuit of a goal, and this whitepaper following on the heels of the Executive Order couldn’t be better timed for the Obama administration.

Like most in this industry, I was hit up by a lot of press requests for comment. Being a target of APT1 hardly makes me or anyone at Digital Bond experts on that threat agent. I tried to use the opportunity to get the focus on the need to upgrade or replace the insecure by design critical infrastructure ICS. I also tried to highlight the danger of remote connections into ICS as demonstrated by the Telvent hack.

An important story that didn’t get enough attention is ISA100 giving up the effort to converge the two big DCS wireless standards: ISA100 and WirelessHART. The effort probably started too late to succeed. The problem wasn’t converging security. Both protocols actually have very similar authentication and encryption algorithms and approaches. Full credit to Walt Boyes and ControlGlobal for some hard nosed reporting on this issue over the past couple of years.

NIST has put up a web page for the development of the Cybersecurity Framework required in last week’s Executive Order Improving Critical Infrastructure Security. The date for initial workshop is still listed as TBD.

An Apple-type store for ICS applications? Inductive Automation announced the opening of Ignition Module Marketplace at the ARC Forum. “The ability to instantly buy modules and share modules with the simplicity of an ‘app store’ experience will be revolutionary for our users,” said Hechtman.

Pike Research covers Toshiba’s acquisition of Consert and how this will increase its smart grid portfolio, particularly in the are of demand response.

Tweet of the Week

Couldn’t pick just one APT1 tweet

[blackbirdpie id=”304783746211663872″]


[blackbirdpie id=”304771407945011200″]


[blackbirdpie id=”304692935709032449″]

Don’t forget to subscribe to this blog RSS feed and follow @digitalbond.com on twitter.

Worth Reading Articles

Critical Intelligence’s ICS Security Event Calendar Updates

Nothing new this week.

Critical Intelligence provides reports and other information products on  Cyber Situational Awareness and Threat Intelligence services for Industrial Control System Owner/Operators, Vendors and Government stakeholders.

Image by chrisinplymouth