Patrick Coyle covers the new effort by the American Water Works Association (AWWA) to develop a Cybersecurity Guide and Cybersecurity Online Tool that attempts to follow the NIST Cybersecurity Framework. TechCrunch reports that Siemens Venture Capital “is...
A live demo often leads to a presentation disaster, but this was not enough of a challenge of Eireann. He decided to run a Red Team / Blue Team exercise live on the S4 stage. http://vimeo.com/85361869 The target was a Siemens SCALANCE switch with a known...
The idea for mining malware for evidence of targeting automation came out of reading several papers on Stuxnet that discussed the methods used to intercept calls to the S7 PLC. To summarize, Stuxnet replaced the Siemens stock s7otbxdx.dll with a new version that...
Sorry for the delay, but lot’s of news. ISASecure has launched the System Security Assurance (SSA) certification — “a system-level cybersecurity certification for industrial automation and control systems (IACS) products.” Very ambitious and...
Nathan Keltner and Josh Thomas of Atredis dove into hardware hacking with a focus on the Teridian System on Chip (SoC). The Teridian SoC is widely used in the smart meter market and is based on the Harvard Architecture. Nathan and Josh explain the differences between...
If you’ll remember from a set of posts last year, I had floated the idea of mining malware for evidence of automation system compromise. The basic premise was to look for the evidence of interactions with control systems by analyzing malware samples graciously...
This was the 7th year that JPCERT put on an ICS Security Conference in Tokyo. The conference hall had a capacity of 300 people, and it was sold out weeks before the event. Of course the price was very appealing — free. Great to see the increased interest having...
At S4x14 this year, there was a great talk about using an Ardunio Shield to communicate via the HART Protocol by Alexander Bolshev. Michael Toecker Blogged about this talk earlier, read his blog for more details about the talk. As the talk shows the Ardunio shield is...
PLCpwn is a Digital Bond project that Stephen Hilt led and presented at S4x14. It was inspired by the Power Pwn that we had used with a number of clients to help them realize ignoring the physical security perimeter might be a mistake. http://vimeo.com/85668729...
After hearing about PLCpwn, S4 vet Jake Brodsky over on SCADA Perspective wrote “Only problem: If you have physical access to the network of a PLC or to the PLC itself, you own it. End of story. That’s very unlikely to change.” While the ICS...
