Friday News & Notes

22 Nov 2013 | 2013

SCADA Security News

And we’re back … with items from recent weeks.

A reminder to check out the S4x14 agenda and register for the event Jan 14-17 in Miami Beach.

ISA announced that Codenomicon’s fuzzing tools are approved for use in the Communications Robustness Testing (CRT) portion of the ISASecure certification. This is a positive step forward for ISASecure. Wurldtech’s Achilles was used as the de facto tool at the start due to the difficulty of writing a detailed tool criteria, but the vision was to allow multiple fuzzing tools to be used as long as they meet a certain level of rigor. This is now achieved with certification organizations having the choice between the Wurldtech and Codenomicon tools.

FERC approved NERC CIP V5 as expected, but there are some changes they will require in V6. As always Tom Aldrich has the best coverage.

Nice job by ICS-CERT to clarify the DNP3 vulnerability impact to the master station in their updates on Nov 14th and 21st. Still it has the incredibly weak statement “Impact to individual organizations depends on many factors that are unique to each organization.” Yes. Of course. Is there another place in DHS where they say this is a serious vuln, particularly for DNP3 in SCADA?

Eyal Udassin of C4 Security in Israel, and a S4x08 presenter, has a slick new video on their ICS IDS / protocol analyzer / forensic tool FIDES.

Tweet(s) of the Week

OH: “Gonna have to tell the customer that changing an excel document extension to “.gpg” doesn’t make it secure…”

— Graham Sutherland (@gsuberland) November 22, 2013

Worth Reading Articles

  • Ralph Langner’s Final Stuxnet Analysis

Critical Intelligence’s ICS Security Event Calendar Updates

Critical Intelligence provides reports and other information products on  Cyber Situational Awareness and Threat Intelligence services for Industrial Control System Owner/Operators, Vendors and Government stakeholders.

Image by chrisinplymouth