On December 14, SANS came out with the following headlines: All 3 "top of the news" stories this week illustrate an important security trend: Internet facing control systems are becoming much more prevalent allowing easy exploitation of disclosed vulnerabilities for disruption as well as back door access to other corporate systems...
New Jersey Control System Exploited Due To Lack of Due Diligence In Perimeter Security
(December 13, 2012)
Using information obtained online, hackers gained access to a New Jersey company's internal heating and air conditioning system. .. The incident was revealed in an FBI memo that was recently made public. The breach occurred in February and March 2012.
--German Power Grid Operator Hit With DDoS Attack
(December 12, 2012)
50Hertz, a German power utility grid operator, was hit with a distributed denial-of-service (DDoS) attack late last month. For a short while, the company's Internet communications systems were unusable. The attack did not affect electricity supplies.
--Web-based SCADA Gathers More Fans
(December 5, 2012)
A summary of the trends that affect/afflict SCADA systems today. On one hand there is cause for concern as "common" attacks now work against these systems. On the other hand, there is a small, growing body of security professionals that at least have experience dealing with the technology.
There have been some very significant control system cyber incidents as well as issues such as Aurora that are still being effectively ignored. Many of these incidents or vulnerabilities are not IT issues and cannot be addressed by SANS general IT and Windows recommendations. It is a shame that SANS is playing games with such an important subject as control system cyber security.
Joe Weiss