The team at SCADA Strangelove has added the ability to crack Siemens S7 passwords to the John the Ripper tool.
And the team at Drainware released Siemens S7 discovery scripts for nmap.
The Washington Post reports that the US military will increase its cybersecurity force 5x over the next several years, going from 900 people today up to 4,900.
The full agenda for the 12th Annual National SCADA Conference in Australia is up. One of these years I’m going to make it down there as they have been kind enough to invite me a couple of times.
SCADASEC had a good post on transportation security, specifically the importance of classification yards. “where freight cars are shifted from one train to another in order to arrive at their destinations. A cyber attack on the systems in those yards could damage enough equipment to make them unusable (although that would be a difficult attack). Without classification yards, freight traffic becomes almost useless.”
ICS-CERT has added a three page Credential Management section to their Targeted Cyber Intrusion Detection and Mitigation Strategies paper.
GE announced a software update product to help with security patching and a multi-purpose security appliance called SecurityST. We’ll try to get more information and report back soon.
Congratulations to Joe Weiss for being designated a US expert to IEC TC45/SC 45A/WG9 – Instrumentation and control of nuclear facilities. Joe outlines all his IEC and ISA responsibilities here. Busy guy and a lot of patience to work that heavily in the standards realm.
Tweet of the Week
Worth Reading Articles
- CIO Magazine’s Securing SCADA Systems Still A Piecemeal Affair < DP Note: Discusses ReVulns runtime patching service announced at S4x13
Critical Intelligence’s ICS Security Event Calendar Updates
- Securing the Grid, Feb 7 in Bethesda, Maryland
- ARC World Industry Forum Cyber Security Workshop, Feb 11 in Orlando, Florida
- ICS Security Presentations at SchmooCon, Feb 15-18 in Washington D.C.
- DHS Advanced ICS Training / Red Team – Blue Team, March 11-15 in Idaho Falls, Idaho
- ICS Security Presentation at Black Hat Europe, March 14-16 in Amsterdam, Netherlands
- DHS Basic and Intermediate ICS Security Training, March 26-29 in Houston, Texas
- NESCO Town Hall Meeting, April 3 in Phoenix, Arizona
- Black Hat Embedded Security Summit, April 23-24 in San Jose, California < DP Note – agenda looked great
- DHS Advanced ICS Training / Red Team – Blue Team, May 20-24 in Idaho Falls, Idaho
Critical Intelligence provides reports and other information products on Cyber Situational Awareness and Threat Intelligence services for Industrial Control System Owner/Operators, Vendors and Government stakeholders.
Image by Nina Matthews Photography