Speaking of conferences, next week in Las Vegas are BlackHat, BSides and Defcon. Only a couple of ICS sessions there, but I bet IOActive’s Ruben Santamarta’s session on backdoors in industrial firmware will be a highlight. Ruben is at the top of the heap when it comes to ICS hacking. BSides includes a session on the Termineter smart meter hacking tool that accesses the meter via the optical port.
McAfee has some large claims of power company cyber extortion in their Smarter Protection For The Smart Grid white paper. “The most prevalent cyberthreat reported by the global energy sector is extortion. Criminals gain access to a utility’s system, demonstrate that they are capable of doing damage, and demand a ransom. In the McAfee/CSIS study noted earlier, one in four power companies globally said they had been victims of extortion. In some countries, the incidence is alarmingly epidemic—80 percent in Mexico, for example, and 60 percent in India. And the sums of money paid out are equally staggering—hundreds of millions, by some estimates.” This would be some hard business case data if corroborated, but we haven’t seen this elsewhere and haven’t heard of such things being so widespread as of yet.
Perhaps concerned with President Obama taking all the credit, the UK Parliament’s Intelligence Security Committee admitted to causing disruption in Iran’s nuclear capabilities. The article also makes it very clear that the UK, like most countries, is focused on “accessing the data or networks of targets to obtain intelligence or to cause an effect without being detected”.
CNET’s Elinor Mills wades into the information sharing swamp prompted by a new Cyber Security Task Force: Public-Private Information Sharing report written by the Homeland Security Project. I must admit that I don’t understand why this issue still garners so much effort and discussion. People and organizations, including Digital Bond, only share information when it is in their own self-interest. These proposed changes address the downside of sharing, but not the upside.
Renew Grid covered a recent Senate hearing on Electric Grid security. From the article, “Joseph McClelland, director of FERC’s Office of Electric Reliability, testified that protecting the nation’s electric grid is hindered by limitations in federal authority.” While FERC’s authority may need to be tweaked, it’s a convenient excuse that some in Congress actually seem to promote with questions like “Do you need more authority?” The better question is why did you pick NERC as the ERO? Why are you letting the regulated entities set the regulations? How long are you going to let this continue and do you have a plan to replace NERC if they don’t put in more effective regulations? The full hearing can be viewed here.
Browns Ferry Nuclear Power Plant had a fire in the Unit 3 control room in January. It was caused by a 34-year-old electrical component, which is even older than Windows NT.
Tweet of the Week
Check out the picture in the tweet.
Worth Reading Articles
- Tofino blog’s Airgap Conversation With an Engineer, DP Note: The airgap topic is so tired, but this article has a good discussion that you can use to identify external connections
- Dave Aitel’s Why You Shouldn’t Train Employees For Security Awareness, discuss
- Wired article on Spoofing GPS, technically interesting and with some implications for SCADA systems
Critical Intelligence’s ICS Security Event Calendar Updates
No new events this week
Critical Intelligence provides reports and other information products on Cyber Situational Awareness and Threat Intelligence services for Industrial Control System Owner/Operators, Vendors and Government stakeholders.
Image by takomabibelot