Building the Next System Capable of Fending Off the Next Stuxnet Attack on Industrial Control Systems

Russian antivirus firm Kaspersky Lab seeks a developer and analyst to create an operating system that could dissuade the next Stuxnet attack on industrial control systems. Currently, Kaspersky Lab wants to hire professionals with experience in programming PCS and Supervisory Control And Data Acquisition (SCADA) systems, implementing industrial networking and...

In and Out of Control -- From Various Places Around the Web

Sometimes we get so focused on what's going on at Control and that we forget there's other stuff happening in the Big World.

Hey, Mom, They Said "PLC" on TV!

In case you missed it, last night the lead story on "60 Minutes" was on the subject of the Stuxnet virus.

The Precursor to the Next Stuxnet #safety #cybersecurity #stuxnet

Symantec posted on their site the latest information on the next chapter of Stuxnet. The site says that "Duqu" is a new threat whose goal is to gather intelligence in order to conduct a future Stuxnet-like attack.

What are the lessons of Stuxnet

Recently, I have been getting requests for interviews on Stuxnet and “son of Stuxnet”. I believe Stuxnet has provided too much focus on PLCs and Siemens.  The real ICS issues are:- It is possible to use cyber as a weapon to destroy equipment or kill people.

Aurora, Iran, coincidence?

With the current focus on Stuxnet and Iran, it is easy to forget about Aurora. Certainly most utilities have. There are several important issues with Aurora:1. It does not use the Internet2. It does not use Windows3. Like Stuxnet, it is an engineering attack against a process4. Unlike Stuxnet, we have proof it works

Another Help for Watching Out for Cyber Nasties

Stuxnet has reminded us yet again that we live in a world that is not necessarily full of friendly people who mean us well. The folks at Byres Security have launched a new service to help us keep abreast of what's going on out there among the troublemakers and how...

US CERT and Stuxnet – did US-CERT do all they could?

 Dale Pederson’s Digital Bond website ( provided an interesting note (thanks Dale) on US-CERT entitled “ICS-CERT: Stuxnet Lesson Learned”. 

Still Thinkin' About Cyber Security

One of the fun parts of my job is clicking around on the Internet to see what pops up. This afternoon's finds are these posts on Rick Kaun's "Insecurity" blog at the Matrikon website. The one I had in mind first was the October 5 post, but by the time...