Skip NERC CIP version 4 and go straight to version 5

On April 18th, 2013, FERC held a meeting in which it heard from NERC regarding the proposed Critical Infrastructure Protection version 5 standards. The committee voted to skip version 4 and move straight to version 5, and the recently issued Presidential executive order on critical infrastructure cyber security appeared to be largely the driving force behind the rapid movement. Some of the major changes for version 5 include: New risk-based tiered classification system for cyber assets: High, Me << More >>

“Who’s Really Attacking Your ICS Equipment?” whitepaper released by TrendMicro

TrendMicro released a whitepaper by researcher Kyle Wilhoit, who also presented the “Who’s Really Attacking Your ICS Equipment?” research at the Black Hat EU 2013 conference in Amsterdam. The research presented Wilhoit’s observations of attacks on Internet-facing honeypots set up to detect who and/or what is attacking ICS/SCADA devices that are on the Internet. Wilhoit’s honeypots, a mix of high and low-interaction honeypots, were designed to mimic the setup of a water pressure stat << More >>

OT vs. IT; the debate continues. ICS Security improving nonetheless

The difference in perspectives and power struggles between IT and OT continue to slow the pace of improvements in SCADA and critical infrastructure security, according to a recently published CSO Magazine article. Last week, ICS-CERT announced the findings of two separate incidents where energy industry assets were infected with malware due to compromised USB devices. Over the past few years, concerns have grown as we’ve seen attacks like Stuxnet and Flame target Industrial Control Systems << More >>

Best Ways to Effectively Implement Change Management in ICS

ICS are the operational systems we rely upon to provide us with everyday essentials, such as power, natural gas and water. When these systems are working well and flawlessly, operators have little reason to alter or make innovative changes to them. Embarking on monumental changes is a huge undertaking for these control systems, most of which are very large and critical to normal functionalities for the general public. However, the time has come to upgrade and/or replace these aging, out << More >>

RuggedCom SSL Vulnerability Mitigations – Are PCN Best Practice Architectures the Safe Bet?

ICS-CERT recently issued a warning on SSL key management: private keys stored in the operating system allow an attacker to decrypt the communications to the RuggedCom device. Which Devices Might be Affected? The reported vulnerability is in ROS SSL, which means that only web management of Rugged’s switches and some other small devices such as terminal servers might be affected by the vulnerability. What does the Vulnerability Mean? A hard-coded private key means that every device running R << More >>

ICS-CERT Incident Report: How It Affects Critical Infrastructure

Recently, ICS-CERT issued an incident response report, which summarized the cyber incidents that have occurred from 2009 through 2011 against control system environments. The report found that in 2009, ICS-CERT received a mere 9 incident reports. In 2011, they received 198 reports of incidents. (Source: ICS-CERT Incident Response Summary Report 2009-2011.) In 2009, those incidents were in only 4 sectors; the majority in Energy (3) and Water (3). In 2011, incidents were found in 12 sectors, with the << More >>

Cellular technology use in ICS and 3 ways to minimize risk

Recently, ICS-CERT published its January 2012 newsletter with some great advice regarding cellular technology use in ICS networks. The article, titled “Industrial Cellular Security”, discusses the types and uses for cellular devices as well as mitigation advice for dealing with ICS cellular device threats. Cellular technology for communications in remote areas has been covered several times before with respect to security. The Additional Readings section below has links to << More >>