We added a bunch of info to the S4x15 site including the newly designed banner, see below. We are almost through the first 50 tier ticket pricing (42 sold).
“DHS ICS-CERT” and FBI announced, a bit clumsily, that they will be touring 13 cities across the US and providing “a series of SECRET briefings …for cleared asset owners/operators. … These briefings will provide additional context and information about the BlackEnergy campaign as well as the Havex malware that both targeted industrial control systems.” Sounds like a worthwhile program if they have unique information. I always wonder why these briefings happen after, rather than before, the information is released publicly by researchers and vendors. This is related to an ICS-CERT Alert issued this week.
Some good news on the INL front, they recently added Andy Bochman to the team. I’ve always admired Andy’s writing on Smart Grid security and other ICSsec matters when at IBM and in his own startup. Good luck Andy.
Fireeye released a whitepaper on a Russian organization they are calling APT28. It does not appear to have any critical infrastructure ICS aspects, although some of the government systems being attacked or having intelligence gathered could be ICS.
The team at Netrecsec wrote a nice blog summarizing the three vendors who were distributing Havex infected software.