SCADA Security News

Kelly Jackson Higgins has a Worth Reading article on ICS-CERT. The common line of defense of ICS-CERT is a CERT only does coordination, and we should not expect more. I’m glad that Kelly included ICS-CERT’s mission verbatim in the article. What really has happened is the DHS Control System Security Program (CSSP) brand has been converted to ICS-CERT. This is why you had the CSSP Year in Review 2011 renamed the ICS-CERT Year in Review 2012. ICS-CERT is the public arm for DHS on all things ICS security. Loyal readers know I’ve covered my thoughts on DHS and ICS-CERT in detail the last two weeks.

Results from a Kyle Wilhoit’s high interaction (realistic) SCADA Honeynet were presented at BlackHat EU this week. Corelan writes up the details. Most interesting are the 17 different attacks including some that used Modbus TCP to modify the process, such as modify the pump pressure, modify the temperature output. BlackHat has posted his presentation.

Mark Weatherford announced he was leaving his position as DHS Under Secretary for Cybersecurity to join the Chertoff Group. He was there even less than the two year norm for a DHS cyber position. Bruce McConnell will be Acting Under Secretary until a successor is named.

Continuing on the job front, an interesting job posting this week for the NIST Director, Smart Grid and Cyber-Physical Systems Job.

Tweet of the Week

[blackbirdpie id=”312193846853373952″]

Don’t forget to subscribe to this blog RSS feed and follow on twitter.

Worth Reading Articles

Critical Intelligence’s ICS Security Event Calendar Updates

  • DHS ICS-CERT Red Team / Blue Team Training, June 17-21 in Idaho Falls, Idaho
  • NERC GridSecCon, Oct 15-17 in Jacksonville, Florida
  • NERC GridEx II, Nov 13-14 all over the US

Critical Intelligence provides reports and other information products on  Cyber Situational Awareness and Threat Intelligence services for Industrial Control System Owner/Operators, Vendors and Government stakeholders.

Image by chrisinplymouth