I believe the last time ICS-CERT announced malware that specifically attacked a control system product or protocol was back on July 20, 2010. At that time I naively railed that DHS / INL / ICS-CERT should be thoroughly investigating this and determining the impact to...
I came a day early to South Florida this week to check out the newest official S4x15 hotel: the Surfcomber Hotel in South Beach. Those still wanting large rooms and suites, luxury, quieter beach and close to the best malls and the Kovens Center can stay at the Trump...
Bloomberg published more detail on the “UglyGorilla” attack on pipeline SCADA. It’s worth reading past some of the hyperbole in the article to learn what information was taken. “Operatives vacuumed up caches of e-mails, engineering PDFs and...
The ICS security community is still tiny, so when a large vendor recruits five or so names in the industry it gets some attention. They are placing at least a small bet that there is enough business to scale to a size worth pursuing. Security vendors have tried...
S4xJapan: October 14-15 in Toyko I had a bit of fun in Tokyo last month creating a logo for S4xJapan. In Japan people use a hanko, an ink stamp, to sign documents ranging from Fedex or Black Cat delivery acknowledgment to important official documents. A hanko is...
The German government’s National Cyber Defense Center has little to show over the last three years, according to the German Government. The Langner Group covers the story of a classified report that was leaked to the press. A small number of employees who lacked...
I attended my first ICSJWG since 2011 last week in Indianapolis. It was an ok event with some interesting talks and a chance to reconnect with familiar faces in the ICS industry. It is however a far cry from the must attend DHS event back when it was called PCSF. I...
I had finished my presentation on a wide variety of topics Big Data / Cloud Computing / Internet of Things / ICS remote access, and the Q&A had started. After stressing in the presentation that ICS data can be shared anywhere without jeopardizing the integrity and...
I’m very pleased to announce Reid Wightman is returning to Digital Bond after a couple of years at IOActive. Reid will be leading a new division, Digital Bond Labs. He will write soon on what Labs is and what it will do, but let me talk about the reason we...
Dark Reading reports this week on Bitsight Technologies security ratings for the utility industry. Bitsight scored the sector as second highest in security posture, with the financial industry rated first. This scoring is primarily based on the corporate network, not...
