From: Digital Bond’s SCADA Security Portal – Friday News & Notes

Posted on 2012/08/24


A quick re-post from Digital Bond's SCADA Security Portal: http://www.digitalbond.com/2012/08/24/friday-news-notes-42/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+digitalbond%2FoLPM+%28Digital+Bond%29

Friday News & Notes by Dale G Peterson

ICS Security News

The LOGIIC (Linking Oil & Gas Industry to Improve Cybersecurity) won the U.S. DHS Science & Technology Directorate Under Secretary’s Award for Outstanding Collaboration in Science and Technology. According to Automation.com “the award is presented to organizations that work across boundaries to deliver better service, value and outcomes for customers, stakeholders and communities.” Given that description, LOGIIC is worthy. Getting all those players to sign a project agreement and then agree on the resulting report was almost heroic from what I heard. The results were a bit underwhelming, but still contributed to moving the Safety / DCS integration issue forward.

The North American electric sector kerfuffle between FERC and NERC got more complicated as a bunch of industry organizations (APPA, the Edison Electric Institute, the Electric Power Supply Association, the Electricity Consumers Resource Council, the Large Public Power Council, the National Rural Electric Cooperative Association and the Transmission Access Policy Study Group) wrote a letter to FERC saying the level of scrutiny in the staff audit of NERC is unwarranted. This is not a huge surprise since the members and funding for these organizations come from NERC members. FERC needs to get tough with NERC … on the CIP standards. The merits of this staff audit are a sideshow whoever is correct.

ISA has formed a new committee on Intelligent Device Management, ISA 108. The new committee will probably have a liaison relationship with ISA 99 for security issues.

The US FBI and DHS published a one page Potential Indicators of Cyber Threats to Industrial Control Systems. The document is a great idea, but it needs some work. The most useful, if a bit general, section is “What should I consider suspicious?”. The biggest problem is that half the document explains what an ICS is. This should not be necessary for the target audience of people who own or operate an ICS.

Wired’s Danger Room reported on DARPA’s Plan X. Pull quotes – “everyone from the director of Darpa on down has pushed the need to improve — and normalize — America’s ability to unleash cyberattacks against its foes.” But then they say “The Plan X program is explicitly not funding research and development efforts in vulnerability analysis or cyberweapon generation.” — that’s another program.

As of Friday morning RuggedCom still has not responded to the Justin Clarke disclosure of a hard coded private key in their Rugged OS. Evidently they did not learn much from the vulnerabilities disclosed earlier in the year. At this point they owe customers and prospects an explanation about changes in their security development lifecycle, security review of existing products and improvements in their vulnerability handling process.

Tweet of the Week

@hdmoore Siemens should be fine with immediate disclosure, since waiting for the fix is pointless, none expected.

@41414141

FX of Phenoelit

Don’t forget to subscribe to this blog RSS feed and follow @digitalbond.com on twitter.

Worth Reading Articles

Didn’t flag anything this week


Critical Intelligence’s ICS Security Event Calendar Updates

Critical Intelligence provides reports and other information products on  Cyber Situational Awareness and Threat Intelligence services for Industrial Control System Owner/Operators, Vendors and Government stakeholders.

Image by s2art
