Over the last couple of blogs, I mapped out the importance of ISA/IEC-62443/ISA-99 based cybersecurity and how it applies to your work environment.
For part 1, I started from the beginning and outlined what exactly ICS cybersecurity is and why it is important.
For part 2, I explained the difference between…
Last week a security researcher, Dillon Beresford of NSS Labs, presented at the Blackhat conference on the security vulnerabilities he found in Siemens PLC firmware. One of many stories on Dillon’s findings can be found here. Among other things, Dillon found “dancing monkeys” in the code! Actually,…
Unconfirmed vulnerabilities are not usually a big issue, but when one occurs like Supermicro, plant management will ask a simple question: “Do we have an issue or not?”
Having been on the receiving end of this blunt exchange, I realize it can be painful and embarrassing to communicate,…
One of the best parts of my job is I get to walk around and look over what has been implemented in the way of physical and cyber security. Most of the time I am very impressed by what has been done as more and more companies are realizing…
How should you react to news of PLC security vulnerabilities?
Project Basecamp was an exercise conducted at the S4 Security Conference that was held last month in Miami, Florida. At the event, six security researchers reported their findings on the…
A recent, disturbing trend I’ve seen in industrial control system (ICS) security is that, in response to concerns about the security of their ICS & SCADA systems, companies are performing penetration (pen) testing on operational systems. Often times they request these services as one of the first steps in…
It’s interesting that I had been preparing a webinar on pipeline safety and security since there have already been numerous incidents reported regarding pipeline accidents and leakage. Now the latest incident concerning Colonial Pipeline and the ransomware attack by Darkside, a so-called extortion group,…
Isn’t it frustrating when you experience an event that disrupts operations and then discover it could have been prevented? Very often a detailed analysis will reveal that a combination of (preventable) mistakes and unknown factors caused the incident. Training can help the mistakes, but dealing with the unknowns is a little…
Let me be the first to say that I don’t normally do book reviews. Frankly, I thought I left them behind years ago when they were required assignments for my undergraduate classes. Nevertheless, I find myself writing one today, not because I must, but because there are so many cybersecurity professionals…
I had the privilege to attend the CDS-forum in Trondheim, Norway on October 15, 2019. The CDS-forum is a Norwegian Industry Forum for Cybersecurity of Industrial Automation and Control Systems. The forum is a co-operation between oil companies, engineering oil companies, consultants, vendors and researchers, with a…
Stuxnet has, rightly, generated a significant amount of discussion and concern with the industrial automation community. Fortunately, unless you operate a uranium enrichment facility using Siemens S7 PLC’s and some very specific variable frequency drives (VFDs) you probably haven’t been directly impacted by the Stuxnet…
Hacking public transportation systems is always depicted on TV and movies. And they make it seem so easy… it only takes seconds for these fictional experts. Is it a reality?
Well, the Amtrak train derailment that occurred earlier this year in Philadelphia got me thinking about “hacking” as a…
Cybersecurity continues to be an overlooked aspect in organizations—including those owning ICS (Industrial Control System) production facilities. Anyone following the news has most assuredly heard of the plethora of massive data breaches that organizations have endured over the last…
Now that we have a little bit of context on what's driving our current cybersecurity landscape. The next question is, “where does this pragmatic approach come in? What is a pragmatic approach? What does the word pragmatic mean? The dictionary definition is dealing with things sensibly and realistically in a…
Many will agree that exida's Safety Equipment Reliability Handbook (SERH) and the Safety Automation Equipment List (SAEL) are very useful tools for choosing products to use in safety instrumented systems. The SAEL shows a product’s IEC 61508 and cyber security…
Cybersecurity incidents have shown that there can be major consequences for automation systems. There have been incidences where attackers have been able to manipulate the human resource interface console directly. It was only by chance that an operator in one particular instance happened to notice that his mouse pointer…
Cybersecurity continues to be a big problem for the world at large and for control systems specifically. The amount of time and effort that it can take to simply keep all of the security patches up to date on a large control system can be mind boggling. No…