19 Apr 2012 | 2012
Next Tuesday the US House of Representatives Committee on Homeland Security will have a hearing titled: America is Under Cyber Attack: Why Urgent Action is Needed. The panel who will provide testimony and answer questions has not been announced. If it follows typical...
16 Apr 2012 | 2012
I’ve been doing a lot of work that involves the CIP vulnerability assessment process recently, namely while developing the Bandolier R8 Audit Files, and another more comprehensive file set that haven’t been released yet. This week, I had the opportunity...
13 Apr 2012 | 2012
The latest Version 5 of the NERC CIP standards is now open for comment through May 21st. Version 5 adds CIP-010: Configuration Management and Vulnerability Assessments and CIP-011: Information Protection to the existing CIP-002 to CIP-009. The NERC presentation on...
12 Apr 2012 | 2012
Koyo/Automation Direct has responded to Basecamp and has made many of the right moves. Yesterday’s ICSA-12-102-02 pretty much says it all: Koyo has disabled the device’s webserver by default, and they’ve added a lockout feature to password...
12 Apr 2012 | 2012
First a reminder of the goal: The goal of Project Basecamp is to make the risk of these fragile and insecure devices so apparent and easy to demonstrate that a decade of inaction will end. SCADA and DCS owner/operators will demand a secure and robust PLC, and this...
11 Apr 2012 | 2012
While there were some great talks at AppSecDC, the attendance at their Critical Infrastructure track was not very high. Critical Infrastructure is a new topic area for the AppSec conference this year and it’s unclear if it will survive. OWASP has a...
9 Apr 2012 | 2012
On Friday I wrote on why the Stuxnet-type exploit module for the Modicon Quantum was important to show just how easy it is to upload rogue ladder logic. The other big news from Reid’s presentation, you can see the slides below, was the introduction of the WAGO...
6 Apr 2012 | 2012
Reid presented the latest from Project Basecamp yesterday, what he called Camp 4, at AppSec DC. He has done great work in a short amount of time, between the paying projects and I suspect often on nights and weekends. I didn’t want to step on his blog article...
6 Apr 2012 | 2012
DHS released version 4.1 of their Cyber Security Evaluation Tool (CSET). This version adds Visio support for network diagrams. CSET is a good do-it-yourself option for those who can’t afford pricey consultants like Digital Bond. I hope to give it a test drive...
5 Apr 2012 | 2012
Today Digital Bond released two new Metasploit modules affecting Schneider Modicon Quantum PLCs. I believe that these only affect PLCs with a “Unity” ethernet card, although I would guess that the exploit could be adapted to other controller types with...
