ISA99 on Security Patching in ICS

ISA99 continues to churn out quality security documents. Some are written to be ISA/ANSI/IEC standards and others are Technical Reports for guidance. Recently a draft of ISA-TR62443-2-3: Patch Management in the IACS Environment was released for review. Loyal readers...

Friday News & Notes

ICS-CERT issued an Alert based on Terry McCorkle and Billy Rios' work on the security of medical devices. Not surprisingly, they found hard-coded passwords in hundreds of devices. But what action are we to take with this Alert, and what is DHS doing beyond coordinating...

Assante Counterpoints on People, Process & Technology

Guest author Michael Assante is President and CEO of NBISE, an organization focused on improving the cybersecurity workforce. Michael’s career has included ICS security roles with an asset owner, national lab and as the CSO for NERC. I enjoyed reading your post...

Friday News & Notes

The ICSJWG Spring Meeting was cancelled, purportedly due to the sequester. ICS-CERT has published the presentations and papers that were submitted for the event on their site. No news yet on a potential fall meeting, but planning should be beginning now if it is going...

Stop The Modicon FTP Backdoor Clock at 2363 Days?

Back on 5 July 2012 we added a counter in the right column of our home page: “Schneider Has Not Removed Modicon FTP Backdoor Account in xxx days.” This was prompted by Ruben Santamarta’s disclosures of the account, but was based off of a December...

S4x13 Video: Using The Cyber Kill Chain in ICS

The official title of Jason Holcomb’s (Lockheed Martin) session was Turning the Tables: Transformation to Intelligence Driven Defense for ICS, but the thrust of his talk is describing how the cyber kill chain can be used in ICS. The cyber kill chain steps for a...

Friday News & Notes

NIST held the second workshop on the US Cybersecurity Framework this week in Pittsburgh, and the main session was viewable on the Internet. You can view the tweets at #nistcsf, and Cynthia Brumfield has published her thoughts on the workshop. The next workshop is in...

SCADA IDS Moving To Emerging Threats

Digital Bond developed the first SCADA IDS rules back in the middle of the last decade with the help of a DHS research contract. Those rules were integrated into most commercial IDS. A second DHS research contract funded the development of the Quickdraw IDS...

Friday News & Notes

Want to learn how Ruben Santamarta found the TURCK backdoor disclosed last week by ICS-CERT? Read his article on Identify Back Doors in Firmware By Using Automatic String Analysis. He pulls out the strings from firmware and then uses a tool he wrote called...