Hackers targeting energy subcontractors for big steals | Fuel Fix

Sloppy security policies are leaving even large energy companies vulnerable to cyberattacks routed through their subcontractors, according to a report released Wednesday by Houston-based security firm Alert Logic. While the largest companies in the energy industry have taken steps to protect themselves from intruders, they have failed to insist on the same vigilance from their […]

Read More 0 Comments

Thoughts from Defcon

By Jack Whitsitt Since I returned from the yearly hacking & security mega-conference Defcon (and the less well known, but perhaps more interesting, Bsides Las Vegas) last month, I’ve been asked on several occasions  to comment on the various control systems specific talks.  The truth is, I only went to one or two. This is […]

Read More 1 Comment

In classified cyberwar against Iran, trail of Stuxnet leak leads to White House | Washington Times

Mr. Sanger wrote a June 1, 2012, article on Stuxnet that was adapted from his book, which debuted later that week. In the story, he quoted “participants” in White House meetings on whether to continue attacking Iran with Stuxnet, which somehow had broken free into the Internet.“ At a tense meeting in the White House […]

Read More 0 Comments

Industrial Security: The Beltway Bandits and Cybersecurity | CONTROL

“Just when it seemed as though we were finally getting people at the top of corporations and government to listen about the differences between IT and industrial control system ICS security, the Obama Administrations executive order mandating improved cybersecurity for critical infrastructure seems to have taken us all back five years. What do I mean? […]

Read More 0 Comments

Thoughts from a SCADA Engineer By Chris Sistrunk, PE

 “Engineering isn’t about perfect solutions; it’s about doing the best you can with limited resources.” ― Randy Pausch, The Last Lecture A little background on myself, I have been an Engineer for Entergy for 10 years, 8 of which have been involved with the T&D SCADA system.  I started with maintaining the SCADA master database, building operator […]

Read More 3 Comments

Tom Alrich’s Blog: My (Final) Fantasy CIP-002-5

“I recently wrote my longest post so far, describing how I would rewrite Version 5 of CIP-002 to change what I see as fatal imprecision in the language of that standard.  However, I decided to leave part of the required changes for another post, since I wanted to think about them a little more before writing it.  Here is […]

Read More 0 Comments

Public Utility Commission of Ohio’s Thomas Pearce on “Cybersecurity and Regulators”

As we all know, debate remains ongoing in our nation’s capital,, and increasingly in state capitals around the country regarding cybersecurity.  Leading the charge is  the recent Executive Order along with its companion Presidential Policy Directive. Despite relative inaction in getting federal legislation signed into law, I can tell you that there is on-going and […]

Read More 0 Comments

Cyber Threats and Security Solutions Congressional Hearing

On Tuesday, May 21, 2013 the Committee on EnergySec and Commerce held a hearing focused on cyber threats and security solutions in critical infrastructure. Much of the discussion was focused on the electric grid. For those who may have missed the hearing, here is the video and a link to the background notice. Background notice: http://grids.ec/securityhearing

Read More 0 Comments

How to Hack a Nations Infrastructure | BBC News

Its a small, busy place and is doing a good trade in tea, coffee and cakes. That woman has dropped some money. A child is running around. Later, another customer thinks they have got the wrong change. Nothing too gripping, you might think, except that the feed should be private, seen only by the cafes […]

Read More 0 Comments

Power companies present cybersecurity gaps | USA Today

The U.S. militarys top cybercommander said some of the nations utility companies have lagged in investing in network security, raising concerns about the vulnerability of the nations critical infrastructure. “The power industry has a wide scale, from companies that are very good to companies that need a lot of work and a lot of help,” […]

Read More 0 Comments