Ironically, less than a week after the ICS Cyber Security Conference that NERC did not attend, NERC issued another set of Lessons Learned for three incidents. In each case, cyber communication issues resulted in system impacts.
Here are the highlights from Wednesday and Thursday of the 13th ICS Cyber Security Conference. The details are skimpy, because no recording is permitted.
Highlights of the 13th ICS Cyber Security Conference including global attendance, Kaspersky's new Cyber Security Game, report of a major cyber incident in a utility, an ICS Honeypot, and "loss of integrity" incidents.
Much to our surprise, we had to close the registration as there is no more “room at the inn”. The registration is almost entirely from the private industry and international participants as the budget battle in Washington prevented any of the usual government personnel from attending.
This blog is not about people but organizations and the fallacy of not sharing information. I believe there are many people in industry willing to share information about ICS cyber incidents. However, in too many cases, they are not allowed to do so.
The week of October 1st, Project SHINE found an electric substation directly connected to the Internet. Project SHINE analysts were able to see DNP3 ports, Serial Port Server ports, Telnet interface ports, and a web page server. As of the week of October 7th, the substation device was disconnected.
Project SHINE recently found an electric substation directly connected to the Internet. Project SHINE analysts were able to see DNP3 ports, Serial Port Server ports, Telnet interface ports, and a web page server. They discovered this via search engines without even accessing the site itself.
While discussing the recent turbine loss of control issue, I was reminded of a software version issue that I first encountered during Y2K. That is the issue of how long vendors will support older versions of software.
The draft agenda for the October ICS Cyber Security Conference is now available at www.icscybersecurityconference.com. As events continue to unfold, the agenda will be modified accordingly. A new session is being added to address the recent loss of turbine control incident that will be led by the utility. If you...
Five months ago, the utility hosting the ICS cyber security test bed met with one of their major ICS vendors. Some of the security patches actually impacted the reliability of the ICS and the overall system.