Unfettered Blog

Designated US Expert on cyber security

I am honored to have received my official notification of being designated a US expert to IEC TC45/SC 45A/WG9 - Instrumentation and control of nuclear facilities. This is in addition to being a designated US expert to IEC TC 57 WG15 - Power systems management and associated information exchange, and...

The Myth of Rip and Replace in SCADA and Industrial Control Systems #cybersecurity #pauto #SCADA @tofino @digitalbond

Recently, Eugene Kaspersky made headlines about designing an operating system for industrial control systems. It doesn't seem to have gone anywhere, as you might expect.

Loss of Control (LOC) and Loss of View (LOV) incidents are very dangerous and not uncommon

In the IT environment, a denial-of-service is one of the worst-case scenarios. In this case, data can no longer move and the system comes to a stop. In the ICS environment, the worst-case scenario is loss of control (LOC) and/or loss of view (LOV).

Why are unintentional ICS cyber incidents important to address

NIST defines a cyber incident to be communications between systems (or people and systems) that affect confidentiality, integrity, or availability. The NIST definition does not require an incident to be malicious to be defined as a cyber incident.

When should an industrial facility be shut down because of malware

Recently, ICS-CERT disclosed that in October 2012 a computer malware virus invaded a turbine control system at a US power plant when a technician "unknowingly" inserted an infected USB computer drive into the network, keeping the plant offline for three weeks.

@Belden @Tofino tested by @DigitalBond: It works!

Recently, several ICS end users in the Middle East and Asia have been exposed to attacks directly on the control systems through firewalls that have been misconfigured for Modbus and OPC data.

The need to isolate control systems from corporate networks

The November/December 2012 issue of ISA's InTech magazine has an article, "Selecting temperature measurement and control systems". The article states: "Network connectivity ties everything together. The goal of any DAS (data acquisition system) is to deliver sensor data for reporting and analysis.

Significant ICS cyber security incidents continue to occur – some without known causes

In the IT community, a worst-case scenario is denial-of-service. In the ICS community, a worst-case scenario is loss of control/loss of view. Enclosed are some recent cases of loss of control/loss of view with four different major ICS suppliers, each without a known cause.

The broken record - why do people who don't understand ICSs still continue to speak for ICS cyber security

Would anyone with a heart condition go to an orthopedist to check on their heart? An internist and orthopedist are both doctors, but they certainly have different specializations. The fact that someone understands IT security does not make them an ICS cyber security expert.

SANS NewsBites, Vol. 14 Number 99: Control Systems under Attack - why the scare tactics?

On December 14, SANS came out with the following headlines: All 3 "top of the news" stories this week illustrate an important security trend: Internet facing control systems are becoming much more prevalent allowing easy exploitation of disclosed vulnerabilities for disruption as well as back door access to other corporate systems...