The big item of the week was Saudi Aramco cutting itself off from the Internet due to a malware incident. According to ICS-CERT, this would be an ICS cyber incident whether it affected their control systems or not because they run a control system. An article is percolating somewhere in my brain about the false statistics showing an increase in quantity of cyber attacks on ICS, but a likely increase in the quality and preparation of offensive capabilities on ICS. The only statistical evidence to date is an increase in disclosed ICS vulnerabilities (due to more researchers/hackers trying) and increase in identifying Internet connected control systems.
Are CFATS days numbered? It’s been an unsuccessful effort that has received almost automatic renewals, but now the political winds seem to be shifting according to Patrick Coyle. This may not be a bad thing. Maybe scrapping it and starting over has a better chance of success, and why waste continued time and money on a failed effort. The question is whether CFATS is better than nothing?
Invensys announced more virtualization options for their Foxboro and Triconex lines. Great to see as it makes recovery, security updates, and rollback faster and less risky.
Tweet of the Week
Worth Reading Articles
- Forbes article Forbes article Congress Needs To Go Back To School On Cyber Legislation
Critical Intelligence’s ICS Security Event Calendar Updates
Nothing new this week
Critical Intelligence provides reports and other information products on Cyber Situational Awareness and Threat Intelligence services for Industrial Control System Owner/Operators, Vendors and Government stakeholders.
Image by auntjojo