SANS NewsBites, Vol.14 Number 99: Control Systems under Attack -why the scare tactics?

Dec. 17, 2012
On December 14, SANS came out with the following headlines: All 3 "top of the news" stories this week illustrate an important security trend: Internet facing control systems are becoming much more prevalent allowing easy exploitation of disclosed vulnerabilities for disruption as well as back door access to other corporate systems...

On December 14, SANS came out with the following headlines: All 3 "top of the news" stories this week illustrate an important security trend: Internet facing control systems are becoming much more prevalent allowing easy exploitation of disclosed vulnerabilities for disruption as well as back door access to other corporate systems...

New Jersey Control System Exploited Due To Lack of Due Diligence In Perimeter Security
(December 13, 2012)
Using information obtained online, hackers gained access to a New Jersey company's internal heating and air conditioning system. .. The incident was revealed in an FBI memo that was recently made public. The breach occurred in February and March 2012.

--German Power Grid Operator Hit With DDoS Attack
(December 12, 2012)
50Hertz, a German power utility grid operator, was hit with a distributed denial-of-service (DDoS) attack late last month. For a short while, the company's Internet communications systems were unusable. The attack did not affect electricity supplies.

--Web-based SCADA Gathers More Fans
(December 5, 2012)
A summary of the trends that affect/afflict SCADA systems today. On one hand there is cause for concern as "common" attacks now work against these systems. On the other hand, there is a small, growing body of security professionals that at least have experience dealing with the technology.

There have been some very significant control system cyber incidents as well as issues such as Aurora that are still being effectively ignored. Many of these incidents or vulnerabilities are not IT issues and cannot be addressed by SANS general IT and Windows recommendations. It is a shame that SANS is playing games with such an important subject as control system cyber security.

Joe Weiss

Sponsored Recommendations

Measurement instrumentation for improving hydrogen storage and transport

Hydrogen provides a decarbonization opportunity. Learn more about maximizing the potential of hydrogen.

Get Hands-On Training in Emerson's Interactive Plant Environment

Enhance the training experience and increase retention by training hands-on in Emerson's Interactive Plant Environment. Build skills here so you have them where and when it matters...

Learn About: Micro Motion™ 4700 Config I/O Coriolis Transmitter

An Advanced Transmitter that Expands Connectivity

Learn about: Micro Motion G-Series Coriolis Flow and Density Meters

The Micro Motion G-Series is designed to help you access the benefits of Coriolis technology even when available space is limited.