First, comments are back up and running on the website. We still are sorting out a few other issues and apologize for the inconvenience. The Hill reports that “President Obama and senior administration officials participated in a simulated cyberattack exercise...
A friend sent me a 24-page Network Security brochure from Siemens dated May 2012 with more detail on Siemens S7 security offerings and overall security strategy (we will add the link when it is up on the Siemens site). We would still like to get more technical detail,...
UPDATE: Added picture of email text Digital Bond recently had a nice little spear phishing attempt, from an email account registered to look like Dale, to a Digital Bond employee. The attack linked to a probably-malicious .zip file based upon an old research...
The NY Times published an enhanced excerpt from David Sangers’ new book Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power. The long article focuses on the US and Israeli efforts to use Stuxnet to delay the Iranian nuclear...
We covered the big stories of the week, Siemens announcement, Flame and the NY Times article in earlier entries. Here is what else happened. Emerson DeltaV vulnerabilities made an ICS-CERT Alert this week. This is noteworthy because DeltaV is not some free demo...
We have been running a Stuxnet clock in the right sidebar with the tag line: Siemens has not fixed Stuxnet S7 vulns for … Yesterday Siemens officially announced a firewall and VPN solution that should prevent the Stuxnet attack on the S7 PLC. So we have stopped...
I’ve been disinterested in the Flame story and then the anti-Flame backlash. There isn’t any data yet that makes it more pertinent to the ICS world than any other non-ICS incident. Not that it isn’t a fascinating piece of malware worthy of...
As part of developing Bandolier Security Audit Files for various control system components, see the full list here, we need to start with security audit files for the recommended OS security settings. These recommended settings are then modified as necessary for the...
I’ve been surprised by the relative silence on the NERC CIP Version 5 ballot results. Perhaps everyone knew most would fail by a sizable margin (e.g. CIP-002 37%, CIP-004 39%, CIP-006 39%, CIP-007 46%). Only CIP-008 passed, but CIP-003 and CIP-009 came close...
When Intel followed the acquisition of Wind River, the maker of the popular PLC OS VxWorks, with the acquisition of McAfee, our curiosity was peaked. More recently they acquired SIEM vendor NitroSecurity who had a significant and sustained effort on ICS security. So...
