2015 Articles
Ralph Langner OT Security Course Added To S4x16 Friday
Register Now for S4x16 and Advanced ICS Security Training As the existing courses are nearing capacity, we have added the course Building A Robust OT Security Program to the lineup of classes on the Friday following S4x16 (Jan 15th in Miami South Beach). The unique...
Katie Moussouris To “Perform” at S4x16
We have been referring to sessions on The Main Stage at S4x16 as performances. There will literally be past TED speakers and other compelling speakers who can command a stage in a 2400 seat auditorium on the Main Stage. These include Mikko Hypponen, General...
GridStrike Added To The Main Stage
We have been hopeful this information would be released on the S4x16 Main Stage, and now we can confirm that Sean McBride of iSight Partners will be presenting their GridStrike research. Inspired by the FERC study showing a major power outage if nine key US...
Stage 2: Technical Deep Dive Additions for Medical and Auto (in)Security
See Agenda and Register for S4x16 Jan 12-14 in Miami South Beach Tickets 201 - 300 now on sale for $1,395 We have firmed up the last three speaking slots for Stage 2: Technical Deep Dives at S4x16. These are sessions and speakers we have been chasing, waiting for a...
Performances on Three Stages at S4x16
Register for S4x16, Jan 12-14 in Miami Beach Tickets 151-200 Now on Sale for $1,295 The Jackie Gleason Theater allows us to have three stages running simultaneous performances. As we discussed in earlier posts, the Main Stage has the big names, entertaining...
Technical Meat At S4x16
Register Now For S4x16 Tickets 151-200 Now On Sale for $1,295 I've been highlighting the big name speakers and entertaining performances planned for the Main Stage at S4x16 because this is new and exciting. But we have not forgotten what S4 has been about since it...
ISA Jumps Big Into ICSsec Certification Game
SANS ICS 410 course and corresponding GICSP certification have significantly expanded the ICS security training market and taken a sizable market share. Some of the growth is related to increased awareness and interest in the field, and a large part of the growth is...
Impact of Vulns in Oracle/SAP Connectors To ICS
Alexander Polyakov and Mathieu Geli of ERPScan presented some interesting research on vulnerabilities in ERP application software that could be used to attack ICS last week at BlackHat Europe in Amsterdam. In particular, the researchers have discovered vulnerabilities...
Don’t Miss S4x16 Craft Beer Bash By Leaving Early
Immediately after the last speaker at S4x16, at 4:30 on Thursday Jan 14th, we will be having a craft beer bash at the Jackie Gleason Theater where S4x16 is held. More details to come on what brewers are being included, but I know many of you are making airplane...
ISA100 / WirelessHART Sentinel To Detect Jamming?
Idea: Set of wireless sentinels to identify and locate jamming attempts in or around a plant site. The big two industrial wireless protocols are WirelessHART and ISA100.11A. Unlike most ICS protocols they are not insecure by design. They have encryption and...
Top 5 Reasons To Attend S4x16
S4 Web Page: https://s4xevents.com/ 1. It has the most detailed technical content and bleeding edge offensive and defensive security presentations. Watch the videos or ask around if you need confirmation. Since 2007, S4 is where the best researchers around the world...
Basecamp for Serial Converters
Corey Thuen lead a recent Labs research project focused on Serial-to-Ethernet gateways. Traditionally, remote field sites were connected to wide ICS and SCADA networks via serial connections. Leased serial lines are increasingly harder to come by, as telcos...
On Internet-Connected Cellular Gateways
Recently we looked at a few ethernet-to-cellular and serial-to-cellular gateways for security issues by scavenging and analyzing firmwares from a few common vendors. These are devices that are targeted towards Industrial users (and, ironically, ATMs are also in...
S4x16 CTF Update
A common problem that occurs when you provide an environment or playground is that the sheer number of choices is overwhelming. Providing a network full of PLCs, Historians, and other ICS equipment often results in an interested participant not actually participating...
IIOT Term Is Actually Hurting Clarity and Awareness
My initial alarm on the term Industrial Internet of Things (IIOT) occurred at the ARC Forum this February. I was stunned that basic DCS, SCADA and other ICS functions that have been occurring for decades were called IIOT. In fact ARC was taking well understood, more...
Free Ticket for 5 Students to S4x16
We will provide five lucky students a free ticket to attend S4x16, Jan 12-14 in Miami South Beach. If you want one of these tickets send an email to s4@digitalbond.com and describe your ICSsec qualifications, any current related research project, and why you want...
Richard Bejtlich Added As S4x16 Closing Keynote
Register for S4x16 Now We are pleased to announce another big name and interesting speaker for the S4x16 Main Stage. Richard Bejtlich, Chief Security Strategist of FireEye, will present The Revolution in Private Sector Intelligence as the closing Keynote of S4x16. You...
Gen. Michael Hayden is Day 1 Keynote at S4x16
Register now for S4x16 Another great speaker added to the S4x16 Main Stage agenda. General Michael V. Hayden will give the Keynote Address on the Main Stage on the first day of S4x16, Tuesday January 12th. Gen. Hayden is a former CIA and former NSA Director during the...
Ernie Rakaczky Scholarship Fund Benefit at S4x16
I think Ernie would smile (is smiling) about how this came about. We wanted Robert Lee to teach a class at S4x16 on the Threat Intelligence process that professionals use, primarily to counteract the widespread unprofessional analysis we are seeing on ICS events....
S4x16 Registration is Open – Agenda Announced
We opened registration for S4x16 at noon EDT today, October 1st, as scheduled on the S4x16 site. A flurry of early purchases followed taking advantage of the first 50 ticket sale at $995, the same price as the original two-day S4x07. I expect those tickets to be gone...
Let’s Get Physical and The Easy Button at S4x16
We received a large number of session proposals describing cyber-physical attacks on ICS. While I'm not crazy about that term, it's good to see the emphasis on looking at the engineering and automation required to reach the end goal of affecting the process in a...
Jason Healey on the Main Stage at S4x16
A number of people I respect greatly kept telling me to get Jason Healey to speak at S4 about cyber statecraft, cyber war, China, economics of cyber, ... He certainly has the bio for it with his experience as a Director for Cyber Policy at the White House, Vice Chair...
Ralph Langner Back On The Main Stage at S4x16
Ralph Langner of The Langner Group has been a speaker or attendee at every S4 since it began in 2007. And we are pleased to announce he will be back speaking at S4x16. His topic is: Critical Penetration Analysis - Turning the Art of Identifying Plant-Level...
Dale Peterson Will Interview Marty Edwards at S4x16
S4 began is 2007, and we have never had a DHS or INL leader on stage to provide an overview of their programs, results and plans. These are incredibly useful sessions at an event for those new to ICS, but for the experienced S4 audience they are primarily an...
Mikko Hypponen at S4x16 / Registration Opens Oct 1st
The Main Stage at S4x16 is theater/concert size and quality, and it requires dynamic and interesting speakers and sessions ... and we have an impressive lineup for you. A prime example is Mikko Hypponen who will be speaking on Cyber Geopolitics. Mikko will speak...
escar Asia
I attended and spoke at escar Asia (embedded security in cars) the last two days in Tokyo. Obviously the Miller/Valasek Jeep hack was referenced in almost every session and gave the event a sense of urgency. There were some very positive developments in the...
Unsolicited Response Podcast: Cyber Insurance
Who would have thought a podcast on insurance would be one of my favorite and most interesting I've done in the past few years. [powerpress] I spoke with Eireann Leverett and Jennifer Copic of the University of Cambridge Centre for Risk Studies. They were two of the...
S4x16 CFP Ends Aug 31 / Also Looking for 1-Day Courses
The best way to get the most of any conference is to be a speaker. At S4 you get a chance to present your great research or passionate viewpoint to an audience of advanced ICSsec pro's who will get it. They might not agree, but they will get it. So check out the...
Reflections on Trusting Switches
The Switches Get Stitches crew has been hard at work on quite a few switching projects. Indeed they released a new exploit tool against GE and GarrettCom switches early this morning, after attempting to get a fix for a Denial of Service bug for at least one year...
OSIsoft Self-Reports 56 Vulns
I tweeted on this OSIsoft self-disclosure last week: It's huge that OSIsoft self reported these and even provided summary CVSS info. Continued leadership in ICSsec space https://t.co/YL3dYw3HxU— Dale Peterson (@digitalbond) August 14, 2015 But I want to write a bit...
Friday News and Notes
BlackHat and DefCon are over, and vendors are breathing sighs of relief (or, digging trenches). Let’s look at this week’s top news, according to us. In the database world, we have two stories (a fail and a win): - Oracle’s CSO floated a vaguely threatening blog...
More OT is Mission Critical IT
I'd encourage loyal readers to check out the comments on the recent OT is Mission Critical IT article. Some are better written than my original article and others highlight the problem. Jake writes: Most IT departments would take “mission critical” to mean do lots of...
OT Is Mission Critical IT
The Tripwire team asked a number of people for 100 words on the following questions: How does the IoT change the dynamics between IT and OT? What practical tips can you provide for working together effectively? You can read the full set of responses in this...
CVSS for ICS
A failing grade When reading CERT advisories in the ICS space I used to skim to the CVSS score as a quick way to assess what the vuln was. I rarely like what I see when I think about the actual vulnerability to which the score is applied. CVSS, or the Common...
SHAKACON Day 2 & Go/No Go
SHAKACON was a well run and friendly conference with about 300 attendees and high quality talks over 2 days. If you are thinking about it for 2016: GO - If you live in Hawaii. This is a no brainer. The opportunity to go to Hawaii draws better speakers than you would...
SHAKACON Day 1
Three sessions at Day 1 of SHAKACON in Honolulu were noteworthy for the ICSsec community. Charlie Miller and Chris Valasek on Auto Hacking The big session from this team will be at Blackhat where they will unveil and demo their ability to remotely control cars, most...
Black Hat Sessions and (Dutch) Infrastructure
The Sessions Digital Bond Labs appeared at Black Hat Sessions in Ede, Netherlands. We gave a talk on vulnerability inheritance in PLCs, and also discussed some of the challenges associated with removing vulnerable internet-connected control systems from their...
canbus-utils release v0.2.0
Greetings. Quick post to announce an updated release for the Digital Bond Labs CANBus utilities repository. This release features the addition of a simple fuzzer to the toolkit. The fuzzer has two modes. The first mode (default with no options) is to send random data...
S4x16 Call For Presentations
We have opened the S4x16 Call For Presentations on the event website. Since 2007 S4 has been the place to show your ICS Security research to an advanced audience that will get it. In recent years we have added Operations Technology (OT) and ICS Cyber Weapons...
Book Review: There Will Be Cyberwar
There Will Be Cyberwar: How The Move To Network-Centric War Fighting Has Set The Stage For Cyberwar by Richard Stiennon Read this book if you are looking for a summary of the attacks and cyber incidents that have occurred over the past 20 years in government,...
S4x15 Video: Attribution and Retribution Panel
S4x15 came on the heals of the attack on Sony. Everyone was discussing how cyber attack attribution can be done and the level of certainty that is possible, so we had a panel to discuss this very issue. The second part of the panel discussed what does the victim due...
Switches Get Stitches (or: Switches Get DNA Helicased)
There is a 'talk franchise' that has started titled 'Switches Get Stitches.' Started by Eireann Leverett and Colin Cassidy, it showcases problems in industrial network switch hardware and firmware. Digital Bond Labs offers a humble contribution to the...
ESCAR USA Thoughts and the ROI of Investing in Cybersecurity
ESCAR was an interesting event. There were about 150 in attendance from various parts of the auto cybersecurity community including OEMs, tier 1 vendors, and defense products. There were speakers on a variety of good topics, the full lineup is available at...
Shodan for Rocket Scientists
Shodan is a really useful tool for, well, all sorts of research. Not only can you quickly determine what the public-facing security impact of a new vulnerability is going to be, you can find all sorts of control systems attached to the Internet that shouldn’t...
Unsolicited Response Podcast: Eric Byres after Tofino
After a long and successful struggle to bring an industrial firewall to market, Eric Byres is leaving Belden and Tofino behind. We shouldn't call it retirement because I expect that Eric will be contributing in a number of different ways in the next ten years. I gave...
ESCAR Presentation
I enjoyed last week in Detroit at ESCAR (Embedded Security in Cars). I went there to present on the topic of vehicle security and how remote access and third party devices impact the threat landscape. Many researchers have published about the security concerns of...
ICS Security Research Newsletter: Issue 15-2
The team at Digital Bond Labs has published their ICS Security Research newsletter for the 2nd quarter. I suggest you subscribe to the newsletter, but if you want to view this issue directly, it is available at this link. The issue includes: the latest on Corey's CAN...
S4xJapan Call for Presentations
We are pleased to announce a return to Tokyo for the S4xJapan event on Friday, November 6th. S4xJapan will be held again at Academy Hills on the 49th Floor of the Roppongi Hills Mori Building. There will be a fun and novel social event (last year was the Kaspersky...
Vendors Step Up & Step Down
While progress on adding basic security to PLC/RTU/Controllers, Level 1 of the Purdue Model, continues to be excruciatingly slow, there is much good news from vendors that make the applications that reside at Level 2. Vendors offering HMI, Engineering...
S4x15 Video: Simulating Multiple Substation Failures
This is a great session for power engineers and those involved in substations to watch. It is an extremely technical session by Dr. Chee-Wooi Ten of Michigan Technological University. The key point is actually easy to understand. The most critical substations to...
Identifying Protocol Parsers and Cryptographic Algorithms in Firmwares and Binaries
In my talk way back at S4x15 I briefly mentioned a few techniques at identifying interesting parts of an application for reverse engineers. A lot of times we as reverse engineers load up a firmware or DLL or executable. We want to get hunting for bugs as quickly...
S4x15 Video: Power Fingerprinting
We generally do not allow product presentations at S4, but occasionally there is a technology that is novel or potentially important that we make an exception. For example, we had Kaspersky present on their ICS operating system at S4x15. A second exception was made...
Article Archive By Year
Article Archive By Category
UPCOMING EVENTS
S4x24 ... 4 - 7 March 2024 in Miami South Beach
Save the date. For the biggest and most future focused on ICS Security Event.