Loyal blog readers know that PLC security is a focus of Digital Bond and a passion of mine. The proponents of defense in depth are selling a mirage if the critical endpoint can’t be secured. Project Basecamp and other researcher disclosures have made this...
This week the third workshop trying to put together a US Cybersecurity Framework as required by President Obama’s Executive order was held in San Diego. You could grab some of the flavor by following #NISTCSF or spend more time watching the webcast. I have yet...
The spring edition of the ICS-CERT Monthly Monitor’s lead story is “Brute Force Attacks On Internet Facing Control Systems”. It got picked up by a large number of the mainstream press including the Wall Street Journal. Author Rachel King points out that according to...
Between confusing standards, odd implementations, lack of security capability from control systems, and the craziness of The Audit, NERC CIP is not a field for the faint of heart. I’ve been doing work in this space for 8 years now, and I don’t pretend to...
This work, and slightly edited blog post, is from a new Project Basecamp researcher that prefers to remain behind the scenes. We welcome any researchers to join the Basecamp team. One of the most interesting “products” in Project Basecamp was CoDeSys,...
ISA99 continues to churn out quality security documents. Some are written to be ISA/ANSI/IEC standards and others are Technical Reports for guidance. Recently a draft of ISA-TR62443-2-3: Patch Management in the IACS Environment was released for review. Loyal readers...
ICS-CERT issued an Alert based on Terry McCorkle and Billy Rios work on the security of medical devices. Not surprisingly they found hard coded passwords in hundreds of devices. But what action are we to take with this Alert, and what is DHS doing beyond coordinating...
Guest author Michael Assante is President and CEO of NBISE, an organization focused on improving the cybersecurity workforce. Michael’s career has included ICS security roles with an asset owner, national lab and as the CSO for NERC. I enjoyed reading your post...
The ICSJWG Spring Meeting was cancelled, purportedly due to the sequester. ICS-CERT has published the presentations and papers that were submitted for the event on their site. No news yet on a potential fall meeting, but planning should be beginning now if it is going...
Back on 5 July 2012 we added a counter in the right column of our home page: “Schneider Has Not Removed Modicon FTP Backdoor Accound in xxx days.” This was prompted by Ruben Santamarta’s disclosures of the account, but was based off of a December...
