SCADA Security News

Joe Weiss’s annual ICS Security Conference (aka WeissCon) has been on, then off, and now back on again. Well, sort of. SecurityWeek has purchased the event from Joe. The press release states Joe “will remain heavily involved in the event series as a key member of the conference management team.”

An instant classic response from vendor Festo to vulns identified by Digital Bond alumnus Reid Wightman in an ICS-CERT Advisory, “Festo has decided not to resolve these vulnerabilities because of compatibility reasons with existing engineering tools.”  Guess those engineering tools need an unauthenticated FTP backdoor.

The SCADASEC list highlighted an example of ICS spear-phishing. This time they tried to lure people into clicking on a link to buy the Macauley and Singer ICS Security book … a good book by the way. The page has been taken down, but some of the others ask for “credit card verification”.

The US NIST has released the 3.0 draft of the Framework and Roadmap for Smart Grid Interoperability Standards. Go to page 17 to see what is new in Release 3.0.

Belden announced the Tofino Enforcer Software Development Kit (SDK), “a toolkit that allows third parties to create next generation cyber security solutions using the company’s patented Deep Packet Inspection (DPI) technology.” Is there a market for this? My guess is a large customer wanted to do this, and Belden/Tofino decided to create a product out of the effort.

Two men pleaded guilty to stealing $200K worth of PLC’s from a variety of oil companies. A lot of PLCs and RTUs in remote SCADA field sites lack physical security. It’s surprising this does not happen more often.

I decided to accept the invitation to travel to St. Louis on August September 6th and speak at the inaugural ArchCON. It is a general IT Security event with some great speakers, e.g. Charlie Miller and Richard Bejtlich. Put it on your calendar if you are in or near St. Louis.

Look for another Project Redpoint release next week.