Sean McBride’s Finding SCADA Honeypots on Shodan article is a twist on the Internet connected ICS story. He finds 58 Conpots and 67 honeypots listed as Water Control Valve #27. Two points in this article. One, some basic analysis is required to weed out honeypots. And two, you need to add more reality and interaction to your SCADA Honeypot if you want it to be believable.
Wonderware released a new version of their SmartGlance mobile app. We regularly beat up these ICS mobile apps for promoting remote control from any untrusted phone anywhere in the world. It was refreshing to read the Wonderware press release that focused on making plant information available anywhere, not control.
The Nuclear Energy Institute (NEI) is petitioning the US Nuclear Regulatory Commission (NRC) for a rule change “to ensure the regulation is not overly burdensome for NRC licensees, and adequately protects the public health and safety and common defense and security”. It reduce the types and number of devices, applications and subsystems that are subject to cybersecurity regulation. Joe Weiss stirred things up with his “The Arrogance of the US Nuclear Power Industry” article.
Admiral Rogers, Director of the NSA, testified in Congress yesterday. He stated that China and one or two other countries have the capability to attack ICS and affect the US electric grid and other critical infrastructure. This quote was thought provoking, “We need to define what would be offensive, what would be an act of war,” he said. “Being totally on the defensive is a very losing strategy to me.” I need to hear that in context.
The second price tier of S4x15 tickets (51-100) will sell out before Thanksgiving. Get yours now, save $100 and reserve your spot.
Image by Carbon Arc