Sloppy security policies are leaving even large energy companies vulnerable to cyberattacks routed through their subcontractors, according to a report released Wednesday by Houston-based security firm Alert Logic. While the largest companies in the energy industry have taken steps to protect themselves from intruders, they have failed to insist on the same vigilance from their […]
In classified cyberwar against Iran, trail of Stuxnet leak leads to White House | Washington Times
Mr. Sanger wrote a June 1, 2012, article on Stuxnet that was adapted from his book, which debuted later that week. In the story, he quoted “participants” in White House meetings on whether to continue attacking Iran with Stuxnet, which somehow had broken free into the Internet. “At a tense meeting in the White House […]
Industrial Security: The Beltway Bandits and Cybersecurity | CONTROL
“Just when it seemed as though we were finally getting people at the top of corporations and government to listen about the differences between IT and industrial control system (ICS) security, the Obama Administration’s executive order mandating improved cybersecurity for critical infrastructure seems to have taken us all back five years. What do I mean? […]
Tom Alrich’s Blog: My (Final) Fantasy CIP-002-5
“I recently wrote my longest post so far, describing how I would rewrite Version 5 of CIP-002 to change what I see as fatal imprecision in the language of that standard. However, I decided to leave part of the required changes for another post, since I wanted to think about them a little more before writing it. Here is […]
Cyber Threats and Security Solutions Congressional Hearing
On Tuesday, May 21, 2013, the Committee on Energy and Commerce held a hearing focused on cyber threats and security solutions in critical infrastructure. Much of the discussion was focused on the electric grid. For those who may have missed the hearing, here is the video and a link to the background notice. Background notice: http://grids.ec/securityhearing
How to Hack a Nation’s Infrastructure | BBC News
It’s a small, busy place and is doing a good trade in tea, coffee and cakes. That woman has dropped some money. A child is running around. Later, another customer thinks they have got the wrong change. Nothing too gripping, you might think, except that the feed should be private, seen only by the cafe’s […]
Power companies present cybersecurity gaps | USA Today
The U.S. military’s top cybercommander said some of the nation’s utility companies have lagged in investing in network security, raising concerns about the vulnerability of the nation’s critical infrastructure. “The power industry has a wide scale, from companies that are very good to companies that need a lot of work and a lot of help,” […]
“Lazy” humans playing into critical infrastructure hackers’ hands | CSO
Critical infrastructure operators remain vulnerable to attack from hackers whose motivations have matured from the “pretty juvenile” wanton vandalism of the 1990s to the aggressive, targeted and financially-motivated cyber war being waged online today, a one-time senior security advisor to the US president has warned. Noting the popularity of early website defacement and DDoS attacks […]
Can Congress Protect the Nation’s Critical Infrastructure? | PCWorld
The nation’s critical infrastructure is at risk – a well-executed cyber attack could have a potentially devastating effect. Congress is trying to patch some of the holes with legislation, but a recent survey found that most security experts have little faith that government regulation can do the trick. Sensational attacks against the critical infrastructure make […]
Tom Alrich’s Blog: Asset Identification in CIP Version 5
“A funny thing happened on the way to this blog post. After FERC’s NOPR on April 18, I decided I should do a series of blog posts that really tear into the details of CIP Version 5 – since very few people other than the SDT members can probably give you a good accounting of […]