Industrial Security
Industrial Ethernet
Data Centers
Broadcast AV
Belden News
Blog Home
Popular Tags

Featured Bloggers

Belden.com

Popular Tags results for "Industrial Security"

Flame – The Latest Super Worm Discovered in the Middle East Energy Industry
Blog Category: Industrial Security

Posted by: Industrial IT Team on May 31, 2012

Last week I was in the Middle East, speaking at a very interesting security conference attended by management from the region's major energy companies. Today's blog was going to cover what I learned at this event, but that will have to wait. Instead, in an interesting coincidence, a new super worm called Flame (or sKyWIper), has been discovered targeting sites in the Middle East. So today I will explore what impacts (if any) this new worm will have on SCADA or ICS security.

Read More >>

Stuxnet: The Start of a Cyber Arms Race
Blog Category: Industrial Security

Posted by: Industrial IT Team on June 07, 2012

The discovery of the Flame malware last week focused the cyber security world on the sophisticated strikes targeting energy companies in the Middle East. Although Flame's goal was espionage rather than damaging operations as Stuxnet did, it has been seen as one more indication that the industrial world is now in the bull's eye of clever attackers.

On the heels of Flame coverage, this week David Sanger, the Pulitzer Prize winning Washington correspondent for The New York Times, released his new book "Confront and Conceal: Obama's Secret Wars and Surprising Use of American Power". Up to now, many writers speculated that the U.S. and Israel collaborated on Stuxnet. This book does not speculate; it builds a strong circumstantial case that these two countries did indeed create and launch Stuxnet against Iran.


Read More >>

What Advanced Persistent Threats (APTs) Can Teach the ICS and SCADA Security Practitioner – Part 1
Blog Category: Industrial Security

Posted by: Industrial IT Team on June 14, 2012

Recently a very complex worm called Flame has been discovered attacking companies in the Middle East, and it is an excellent example of what security experts call an Advanced Persistent Threat (APT). Figuring out how to defend against APTs is a major focus in the IT security world.

Now while Flame was busy attacking the Middle East, I was in Abu Dhabi at the International Cyber Security Forum for Energy and Utilities, listening to a talk by Paul Dorey called "Advanced Persistent Threats - A Real Problem with Real Solutions" (you can download his presentation at the end of this article). Paul’s talk focused on security for the IT industry, but there were important lessons on managing attacks in the ICS / SCADA world. I will focus on one of those lessons in today’s blog.

Read More >>

What Advanced Persistent Threats (APTs) Can Teach the ICS and SCADA Security Practitioner – Part 2
Blog Category: Industrial Security

Posted by: Industrial IT Team on June 26, 2012

Professor Paul Dorey recently presented a paper about the seven important lessons the IT world has learned in managing Advanced Persistent Threats (APTs). In this article, I will discuss lessons #2, #3 and #4, and how to apply these lessons to ICS and SCADA security.

APTs have been discussed in some depth in previous blogs, so if you aren’t familiar with the concept (or need a review) check out Part #1 of this series. If you want real world examples of APTs, especially ones that have impacted the energy and chemical industries, browse some of my previous blogs on Nitro, Night Dragon and Duqu.

Read More >>

Cyber Threats Increase for U.S. Critical Infrastructure
Blog Category: Industrial Security

Posted by: on June 26, 2012

Did Iran really detect a planned "massive cyber attack" against its nuclear facilities, as reported by Reuters last week? And, have they really “taken [the] necessary measures” to contain it? Or has their posturing been affected by the revelations in “Confront and Conceal: Obama’s Secret Wars and the Surprising Use of American Power” (Confront and Conceal), the new book by the New York Times writer David E. Sanger. Furthermore, what does this have to do with ICS and SCADA Security?

In a recent blog (Stuxnet Warfare – The Gloves are Off) we discussed Mr. Sanger's book. At that time, we noted that Mr. Sanger’s statements that the U.S. and Israel were behind Stuxnet “made it difficult for the U.S. Administration to deny it was behind the Stuxnet attacks”. Indeed the Reuters article seems to treat the attribution of Stuxnet to the U.S. and Israel as fact, indicating the impact of Sanger’s disclosures on how the world is now interpreting sophisticated advanced persistent threats such as Stuxnet and Flame.

Read More >>

Are SCADA Air Gap Supporters a Dying Breed?
Blog Category: Industrial Security

Posted by: Industrial IT Team on July 12, 2012

Last week I updated my air gap blog from 2011. I noted some companies (like Siemens) no longer mention air gaps. Then to keep things balanced, I added new examples of consultants that support the air gap theory. In particular, I selected this quote from Paul Ferguson at Trend Micro:

“I’ve written about SCADA issues in the past, but one issue that I’ve consistently tried to emphasize is that critical control systems should never, ever interact nor interconnect with Internet systems in any way, shape, or form. There’s a good reason for this, and it’s always been referred to as the “Air Gap” Principle.”

Read More >>

SCADA Security: Falling into the Air Gap Trap
Blog Category: Industrial Security

Posted by: Industrial IT Team on July 19, 2012

This is an excerpt from the Practical SCADA Security blog at Tofino Security.

Last week I discussed how security experts and ICS / SCADA vendors are giving up on the dream of the air gap as a viable security solution for the modern control system. Unfortunately, it is still all too easy to believe your control system is isolated.

Recently I had a very enlightening conversation with a control engineer who thought his system was air gapped.

Read More >>

Industrial Security: New Vulnerability Disclosure Framework A Step Forward
Blog Category: Industrial Security

Posted by: Industrial IT Team on July 27, 2012

This is an excerpt from the Think Forward blog by Ernie Hayden at verizonbusiness.com.

In a move that may be helpful for critical infrastructure asset owners, on July 23 the Industrial Control Systems Joint Working Group (ICSJWG) published a new document on a framework for disclosing Industrial Control System (ICS) vulnerabilities.

Common Industrial Control System Vulnerability Framework
Industrial Control Systems Joint Working Group (ICSJWG), which was established by the U.S. Department of Homeland Security Control Systems Security Program, published the document - Common Industrial Control System Vulnerability Framework. The document was developed with the intention of providing consensus-based guidance to vendors and system integrators in helping them create ICS vulnerability disclosure policies.

Read More >>

Follow Us

Subscribe
Blog Home
RSS Feed
Blog Home
Email Notifications

Search
All Belden Blogs


Stay Informed