Mining Malware – Part II

Well, I’ve spent about a week off and on working on this project, and have some limited analysis to report. I’ve developed the Python code that will run through all of the @VXShare zip files, and pull out the strings. Don’t laugh, the way...

US/NIST Cybersecurity Framework

A second NIST-led 3-day workshop on the Cybersecurity Framework required by President Obama’s begins tomorrow in Pittsburgh. I’ve been quiet and non-participative on this effort to this point. The reason for not participating is primarily because I...

The Rack – Kismet

Documented within The Rack is Kismet, a tool that can be used for analysis of wireless within control systems and automation applications. With the use of wireless devices on the rise, we need to ensure they do not mistakenly get put into control systems. Scanning...

Five Draft ISA99 / IEC-62443 Standards

The ISA99 committee has always been the most prolific of the ICS security standards and guidelines writing bodies, although NERC CIP may put up an argument. The coordination of the ISA99 and IEC-62443 efforts has only increased the pace as the international...

Friday News & Notes

HD Moore and Rapid7 highlighted security issues related to serial port servers, aka terminal servers in the ICS world. They found a large number that were Internet accessible and highlighted some vulnerabilities that have published Metasploit modules. Paul Roberts...

News on CIPv5, for Generation

It was a busy week for NERC CIP last week, where comments in the Notice of Proposed Rulemaking (NOPR) from FERC indicate that CIP Version 5 will be approved. CIPv5, and the potential successive versions suggested by NOPR language, are going to have a heavy impact on...

Mining Malware – Part I

I first found out about Stuxnet from this post on the WildersSecurity forum, and not through any of the other channels frequently mentioned. It was early July 2010 when I saw the post, and I immediately started pulling whatever information I could get. It wasn’t...

Friday News & Notes

Siemens had a webinar and put out more information on the security features integrated into the S7-1500 PLC. The features offer some important integrity protection if the Siemens development team implemented them properly. The videos on the site are high level only so...

More Granularity on Security Patching Strategy

Eric Byres recently published a 4-part series on security patching for ICS. While I have a few minor disagreements with it and the emphasis/approach, it’s a good primer and important for those who are new to the ICS security space. Owner/operators are struggling...

Well, We’ve Got A Change Control Program

Because NERC CIP is the regulatory force for cyber security in the electric sector, I tend to do a lot of work with clients on how best to implement the various technical and administrative requirements. CIP-003-3 R6 requires that owners establish and document a...