Friday News & Notes

Sean McBride of Critical Intelligence asserted at an RSA session it was a contractor named NEDA that introduced Stuxnet into Natanz. Mark Clayton broke the news in this article, and here is a link to Sean’s RSA slides. Industrial Defender announced ASM support...

Certifications, Frameworks & Mud-Slinging

Last week there was an entertaining SCADASEC thread on the new SANS/GIAC Global Industrial Cyber Security Professional (GICSP) certification. To get your GICSP you take the 5-day SANS Course ICS410: ICS/SCADA Security Essentials and then get 69% or better on the...

S4x14: Bryan Owen’s 15 in 15

Bryan Owen and OSIsoft have been supporters of ICS security research for almost a decade now. And Bryan had another interesting and pithy 15-minute session at S4x14. He covers 15 cyber incidents from around the world that affected their products and company...

Friday News & Notes

Patrick Coyle covers the new effort by the American Water Works Association (AWWA) to develop a Cybersecurity Guide and Cybersecurity Online Tool that attempts to follow the NIST Cybersecurity Framework. TechCrunch reports that Siemens Venture Capital “is...

S4x14 Video: Eireann Leverett’s Red/Blue Live

A live demo often leads to a presentation disaster, but this was not enough of a challenge for Eireann. He decided to run a Red Team / Blue Team exercise live on the S4 stage. http://vimeo.com/85361869 The target was a Siemens SCALANCE switch with a known...

Mining Malware – Generating Data For Searches

The idea for mining malware for evidence of targeting automation came out of reading several papers on Stuxnet that discussed the methods used to intercept calls to the S7 PLC. To summarize, Stuxnet replaced the Siemens stock s7otbxdx.dll with a new version that...

Monday News & Notes

Sorry for the delay, but lots of news. ISASecure has launched the System Security Assurance (SSA) certification — “a system-level cybersecurity certification for industrial automation and control systems (IACS) products.” Very ambitious and...

S4x14 Video: Keltner/Thomas Harvard Architecture Exploitation

Nathan Keltner and Josh Thomas of Atredis dove into hardware hacking with a focus on the Teridian System on Chip (SoC). The Teridian SoC is widely used in the smart meter market and is based on the Harvard Architecture. Nathan and Josh explain the differences between...

Mining Malware – Lesson Learned, Avoid Building Infrastructure

If you’ll remember from a set of posts last year, I had floated the idea of mining malware for evidence of automation system compromise. The basic premise was to look for the evidence of interactions with control systems by analyzing malware samples graciously...

JPCERT Conference Coverage and Comment

This was the 7th year that JPCERT put on an ICS Security Conference in Tokyo. The conference hall had a capacity of 300 people, and it was sold out weeks before the event. Of course the price was very appealing — free. Great to see the increased interest having...