The following was posted, among other places, on the SCADASEC listserv. Eyal Udassin, a well-known and well respected security researcher with significant experience with control system functional security has discovered a vulnerability in some of Rockwell's products, and he and Rockwell have moved quickly to fix the vulnerability.
The December issue of IEEE Spectrum had a small lead about the following Open Source attempt to hack the GSM phone system. The full article can be found at http://spectrum.ieee.org/telecom/wireless/open-source-effort-to-hack-gsm/0.
We've mentioned this before, but here's something you really ought to put on your calendar.
Walt Boyes interviewed Bjorn Gudehus of Bell Canada, who is both a security analyst and an automation professional, and who has a distinctive voice and opinion on this important question.
John Eidar Simensen of Institute for Energy Technology offered a methodology using Baysian Belief Networks for estimating the complexity of critical instrumentation and control systems. This is an ongoing project which may provide the first real metrics for complexity after years of trying.
Here is the link to an interview Garcia did earlier this week:
Don't know the exact implications of this. Thinking too hard about the games that go on in Washington hurts my head -- a lot. But having the "cybersecurity czar" resign even before she barely got started and having all the power brokers messing with her job doesn't sound good.
Our indefatigable blogger and functional security expert, Joe Weiss, was asked to provide written testimony for the record for the House Homeland Security Committee on Emerging Threats, Cybersecurity, Science and Technology hearings on the cyber security of the electric grid for today's hearing.
From the White House blog this morning: