Stuxnet – Fingerprinting A Specific Target

This is going to be a Stuxnet week with more information and some larger issues, opinions and questions to follow. How did Ralph Langner and his team determine Stuxnet was targeted at a specific target and process? Well first of all it helps a great deal to have...

Stuxnet – The Siemens Affect

You can’t wrap fire in paper. Once the Stuxnet malware was available, it was only a matter of time before someone dug into the code and figured out what it did. Ralph Langner and his team are the best I know on the Siemens’ gear and protocol. It was fascinating to get...

Perfection – Part II

People want a certain and definite solution to a problem, including security. Take these seven steps and you will be secure. Run this tool and you will find all vulns. Buy a product with this certification and you will not be compromised. Unfortunately security...

Waterfall and One Way Security

A small number of vendors are promoting unidirectional network security devices, most notably Waterfall Security Solutions from Israel. [FD: Waterfall has advertised on digitalbond.com] To their credit Waterfall has doggedly pursued the control system security space...

Late Summer Reading: NISTIR 7628

How many of you have downloaded NISTIR 7628: Smart Grid Cyber Security Strategy and Requirements, saw it was 305 pages and put it aside? Maybe you even waded into the first ten to twenty pages and read a lot of general statements and gave up. Well if you have some...

We Will Never Be Perfect

Some of the post Stuxnet discussion, and even much before it, has the premise that we need to improve security so this type of attack can never be successful. That if we just all do the right things control systems will be impenetrable. When we see unpatched systems,...

Legislative Outlook for Control System Security Registration

Patrick Coyle writes the Chemical Facility Security News blog and tweets @pjcoyle. His blog is my go to resource for all things chemical security, and Patrick also does the hard work of tracking all of the control system security legislation. Patrick was kind enough...

Siemens Roller Coaster Response to Stuxnet

The Siemens response to Stuxnet has been like a roller coaster. It started diving low with limited information and bit of blame shifting as most organizations facing a vulnerability for the first time do. [Siemens is huge and obviously other parts of Siemens are well...

What Do VxWorks Vulns Mean?

HD Moore recently published a blog entry highlighting some serious vulnerabilities in VxWorks – – an operating system used by a number of field devices in SCADA and DCS. What does and doesn’t this mean? This has little or no impact on the security of...

How Should We Treat Cyber Incidents

Joe Weiss has been been conflating Cyber Incidents with Cyber Security Incidents for a while now, primarily by leaning on the NIST FIPS-200 definition of an Incident: An occurrence that actually or potentially jeopardizes the confidentiality, integrity, or...