The US National Science Foundation (NSF) has provided another $1.6M to a university group led by the University of Illinois to detect and prevent attacks on the power grid. The most interesting part is the use of the Bro network security monitor. So Bro should have more ICS intelligence in the near future.
The Friday News & Notes could be filled most recent weeks with NSA disclosures. The most interesting article for ICS this week comes from Kim Zetter at Wired. She writes about project Genie and the effort by NSA to exploit and hijack routers rather than servers and workstations because they lack security software and are typically ignored. Doesn’t this sound like PLC’s, serial to Ethernet gateways and other non server/workstation components on an ICS?
Kudos for the DNP3 Technical Committee for releasing a DNP3 Secure Authentication Tutorial. You do need to be a member of the DNP Users Group ($300) to get it. DNP3 is a leader on adding security to an ICS protocol, now we just need to get vendors to implement it and owner/operators to deploy it.
Tweet of the Week
The word for working with a manufacturer or standards body to weaken a security system isn’t “partnership”, it’s “sabotage”.
— matt blaze (@mattblaze) September 6, 2013
I just added an exclamation point to all my passwords. Your move NSA.
— Brian Kennish (@byoogle) September 6, 2013
Worth Reading Articles
- Ralph Langner’s Robust ICS Planning and Evaluation (RIPE) Framework (pdf)
- Memoori Blog The Transition to LED Lighting may Trigger a Cataclysmic Change in the Building Automation Industry
- DailyTech Charlie Miller Releases Open Source “Car Sabotage Toolkit”
Critical Intelligence’s ICS Security Event Calendar Updates
- DHS/INL’s Advanced ICS Red Team / Blue Team Course, Dec 2-6 in Idaho Falls, Idaho
Critical Intelligence provides reports and other information products on Cyber Situational Awareness and Threat Intelligence services for Industrial Control System Owner/Operators, Vendors and Government stakeholders.
Image by chrisinplymouth