Showing posts with label malware. Show all posts

Sunday, February 3, 2013

Alrich on Distributech's 2013 Cybersecurity Focus Panels

I couldn't make it to the panel sessions but fortunately Tom Alrich could and did. Here are his short takes on 3 different panels:
Substation Integration and Automation: The Cybersecurity Landscape is Changing - Didier Giarratano of Schneider Electric discussed Role Based Access Control (RBAC) and how to do a good job applying RBAC to the challenges of substations. Anthony Eshpeter of SUBNET Solutions discussed “Complexities of Substation Cyber Security”. He provided a very good, lucid discussion – pointing out the need for solutions like those SUBNET sells but without ever making a sales pitch. Bradley Tips of Cisco addressed “Real-world Deployment of Network Security for NERC CIP Compliance”. A good overview of what CIP requires for a substation these days.

Thursday, January 3, 2013

DHS ICS-CERT reports malware on power control systems

Happy 2013!

OK, enough frivolity. Let's turn down the Nat King Cole, step out from under the mistletoe, and get down to brass tacks.

First, in case that compound acronym is new to you, it stands for: the Industrial Control System - Computer Emergency Readiness Team, and it lives in the US Department of Homeland Defense.

This organization just issued a public quarterly report that describes, at a high level, a recent incident at a power generation company you'll be interested in. I'll get out of the way and let you read the first bits for yourself:
MALWARE INFECTIONS IN THE CONTROL ENVIRONMENT
ICS-CERT recently provided onsite support at a power generation facility where both common and sophisticated malware had been discovered in the industrial control system environment. The malware was discovered when an employee asked company IT staff to inspect his USB drive after experiencing intermittent issues with the drive’s operation.

Wednesday, March 28, 2012

Tweeting from GridSec conference this week

Howdy from Dallas. This is the evolution of Mike Ahmadi's Smart Grid Security East and West events, which have been running twice a year since the first one in San Jose in 2010. Will shoot to summarize key messages in a post when it's over, but also will blurt out the occasional tweet on the fly using the #GridSec hash tag on Twitter.

Monday, October 24, 2011

McAfee signals "All Clear" following its Duqu Alarm

Was able to attend most of the webinar today, where Peter Szor, senior director of research at McAfee Labs, laid out his and his company's latest thinking on the Stuxnet variant to a largely electric sector audience.

Here are the essentials, according to Szor:
  • There's been no control system involvement
  • Duqu is not targeting energy or utility assets
  • Attacks have been observed in the UK, US and Iran
  • Also maybe in Austria, Hungary and Indonesia
  • The command and control server is/was based somewhere in India
That's it. I hadn't posted on Duqu yet because I was trying to gauge its potential impact on our industry before making an alarming sound myself.

So far it looks like you can go back to security business as usual, which means you're paranoid, anxious and jumpy, and that a note like this telling you Duqu is harmless only makes you more certain that it's anything but.

Such is life in this happy profession.