Distributech wrap up

Posted on February 1, 2013 by Joe Malenfant

While the focus of Distributech is the distribution component of utilities, the discussions spanned the “Smart Grid” gamut. Demand response, advanced metering infrastructure (AMI), distribution management systems, clean energy production, and securing the grid were some of the highlights of the opening keynote presentations. It’s no secret there is demand on the grid like never before. The last 10 years have provided technological advancements that are putting the need for demand response << More >>

OT vs. IT; the debate continues. ICS Security improving none-the-less

Posted on January 28, 2013 by Kim Legelis

The difference in perspectives and power struggles between It and OT continue slow the pace of improvements in SCADA and critical infrastructure security according to a recently published CSO Magazine article. Last week, ICS CERT announced the findings of two separate incidents where energy industry assets were infected with malware due to compromised USB devices. Over the past few years, concerns have grown as we’ve seen attacks like Stuxnet and Flame target Industrial Control Systems systems << More >>

ICS – Not the same as securing the Enterprise

Posted on December 6, 2012 by Kim Legelis

Cyber attacks are on the rise – we’ve seen it time and time again with breaches spanning both the enterprise (LinkedIn and Yahoo password leaks) and the ICS environment (Stuxnet and Shamoon). According to Godfrey Budd of New Technology Magazine: “It’s not just Fortune 500 companies that are targeted. An estimated 18 percent of attacks target companies with less than 250 employees, while about 50 percent are aimed at ones with less than 2,500.” With cyber criminals targeting various org << More >>

Protecting Our Critical Infrastructure

Posted on November 8, 2012 by Kim Legelis

As security professionals are aware, SCADA security is something to be taken very seriously. However, it wasn’t until Stuxnet that awareness of these vulnerabilities increased and people understood the serious repercussions of a breach. We’re seeing now that Stuxnet was just the beginning. In recent times, more malware targeting SCADA systems has appeared (Flame, Duqu, Shamoon) and progress has been slow to secure these systems. Walt Sikora, vice president of security solutions at Industrial << More >>

What to do about Flame malware

Posted on May 30, 2012 by Jacob Kitchel

The biggest cyber security related news story this week has been about the Flame/Wiper malware. The event has gotten high profile coverage by several media outlets (included below). So far, there have been no strong indicators that the Flame virus is tied to anything ICS or SCADA related. There has been plenty of speculation in the media coverage that Flame does target ICS environments based on its apparent sophistication and the countries in which infected machines were detected. After reading << More >>

Cyber Security Lesson’s from Iran: The Sequel

Posted on April 26, 2012 by Kim Legelis

While no one is yet crying over spilled oil, it appears that once again Iran’s energy infrastructure has fallen victim to cyber security disruption. As reported in The New York Times , it seems that fears of operational impact on Iranian oil terminals caused officials there to unplug their facilities from the internet in order to avoid damage for the “wiper” virus. Surely this is harder than it sounds and has far reaching implications when it comes to system restoration. We can all lea << More >>

Weighing in on the Effect of Stuxnet

Posted on April 3, 2012 by Kim Legelis

Nearly two years after Stuxnet, cyber security experts are still weary of the effect this worm had on the safety of the nation’s critical infrastructure. The dialogue among experts in the industrial cyber security industry has switched from only operators talking about it to company executives now getting involved. The discussion is now focusing on developing a more unified approach to security. Automation World turned to security experts to identify the changing conversations within the cyber << More >>

Stuxnet for the rest of us

Posted on March 6, 2012 by Jacob Kitchel

On March 4, CBS’ 60 Minutes did a story solely focused on Stuxnet. We are 3 months short of the 2 year anniversary (June 2010) of Stuxnet’s discovery. In computer security timelines, Stuxnet is ancient history. So, why is it a big deal that 60 Minutes covered Stuxnet? This is a big deal because there is in-depth, main-stream media coverage. Before, Stuxnet wasn’t “real” for millions of viewers. Now your family, parents, and grandparents are informed enough to ask questions and all of t << More >>

Duqu: ICS experts weigh in on protecting against zero-day threats – Oct. 25, 2011 Webcast

Posted on October 24, 2011 by Joe Malenfant

On October 18, 2011, ICS-CERT issued an advisory related to the discovery of new malware – W32.Duqu – targeting industrial control systems. One year after revelations of Stuxnet came to light, the emergence of Duqu points to the continued need for vigilance in protecting critical infrastructure. What does Duqu – and future zero-day threats – mean to your organization? Join an interactive panel discussion with experts from Industrial Defender, Red Tiger Security and The SCADAhacker on Tue << More >>

Stuxnet Siemens SCADA Worm

Posted on July 20, 2010 by Andrew Ginter

The zero-day exploit has a new name: Stuxnet. It targets Siemens’ Simatic WinCC and PCS 7 industrial automation software. Siemens has issued a statement describing the attack. Microsoft is working on a fix for the vulnerability which the worm exploits. Two versions of the worm have been discovered to date: parts of one are signed by certificates owned by RealTek, parts of the other are signed by JMicron Technology Corp. The worm is widely acknowledged as the first professionally crafted ma << More >>

M	T	W	T	F	S	S
« Apr
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

ICS Perspectives

Tag Archives: Stuxnet