We have added Kim Zetter, author of Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon, to the S4x15 Week Agenda. We will have Kim onstage for a live interview as part of ICSage on Friday. I’ll have a few questions, but we...
Sean McBride’s Finding SCADA Honeypots on Shodan article is a twist on the Internet connected ICS story. He finds 58 Conpots and 67 honeypots listed as Water Control Valve #27. Two points in this article. One, some basic analysis is required to weed out...
Stephen Hilt and a team of volunteers are working furiously on the ICS Village for S4x15. The ICS Village at S4x14 had a large amount of ICS devices, 6 different vendor PLC’s, HMI, industrial switches, historians, …, and we allowed attendees to play and...
CRISP (Cyber Security Risk Information Sharing Program) is a US Department of Energy (DoE) program with two related efforts underway to meet the goals. There can be cases where the Market, in this case energy companies, are not sufficient to support a product or...
This past Sunday’s edition of This Week With George Stephanopoulos had a 7-minute segment on critical infrastructure cyber security prompted by the BlackEnergy malware. The lead in by ABC’s Pierre Thomas was particularly bad and conflated attacks on...
The CLUSIF (Club de la sécurité de l’information français) has issued “an overview of existing documents, standards, guidelines and best practices” (link is for the document in English). The 24-page document gives an overview of the most popular and useful...
We added a bunch of info to the S4x15 site including the newly designed banner, see below. We are almost through the first 50 tier ticket pricing (42 sold). “DHS ICS-CERT” and FBI announced, a bit clumsily, that they will be touring 13 cities across the US...
This post was inspired by two tweets from Reid. @SynAckPwn@digitalbond I’d be happy just seeing ICS-CERT publish its internal advisory-handling guideline documents. — K. Reid Wightman (@ReverseICS) October 21, 2014 @SynAckPwn@digitalbond Right now I think the public...
One of the most thought provoking sessions at S4xJapan was Wataru Machii of the Nagoya Institute of Technology’s session on Dynamic Zoning in an ICS. One of the great things about S4xJapan is it provides videos and sessions in the Japanese language. The downside...
At S4xJapan in Tokyo I presented on a couple things, this post is about Havex. During the talk I am speaking slowly and plainly as the conference was being simultaneously translated into Japanese. Altering your speaking style to help translators is a good exercise...
