Archive for January, 2008
Virtualization in the SCADA World: Part 2
Before we get too deep in this discussion, perhaps we should make sure we’ve covered the basics for those who may not be familiar with the concept of virtualization. In theory, virtualization is an abstraction of any computing resource and has been around for forty-plus years. The most common use of the term now, however, [...]
Author: Jason Holcomb
Posted: January 31st, 2008 under VM.
Comments: 1
Virtualization in the SCADA World: Part 1
A few years back, the traditional IT world was debating the merits of virtualization. There were concerns about performance, security, vendor support, and a host of other issues. Fast-forward to today, however, and you’ll find virtual machines in use in nearly every data center. The number one reason virtual machines have revolutionized server-side computing, I [...]
Author: Jason Holcomb
Posted: January 30th, 2008 under VM.
Comments: 19
Vulnerable NetDDE Shares Lead To Complete System Compromise
When the NetDDE share vulnerability in Wonderware’s InTouch 8.0 HMI was announced by US-CERT, we noticed that most dismissed it as just typical control system weak permissions, the same as commonly seen in OPC DCOM configurations. However, the true impact of a weak NetDDE share is much greater than allowing any user to access the [...]
Author: Dale Peterson
Posted: January 29th, 2008 under Vulnerability Disclosure.
Comments: 1
S4 News and Comments
Between being the S4 chair and handling the Virtual Attendee chat and Q&A, it was impossible to live blog at the event, but I was writing down some thoughts. Here they are in brief:
The metrics paper from INL supported my belief that there is some great work going on at the labs that we just [...]
Author: Dale Peterson
Posted: January 28th, 2008 under S4.
Comments: none
GE Fanuc Vulnerabilities
US-CERT put out three vulnerability notes related to the GE Fanuc issues discussed in Eyal Udassin’s S4 paper. Eyal works for C4 in Israel. These issues had been reported to the vendor almost a year ago and had been closely coordinated with CERTs in the US and Israel.
What makes these even more interesting than just another [...]
Author: Dale Peterson
Posted: January 26th, 2008 under Firewall / Perimeter, Vulnerability Disclosure.
Comments: 3
Friday News and Notes
It was a very light blogging week, as loyal readers obviously noticed. S4 occupied most of our time this week. The final count was exactly 50 physical attendees and 22 virtual attendees. I’ll put up some blog entries I’ve written from the event in the next few days.
The other reason we didn’t blog [...]
Author: Dale Peterson
Posted: January 25th, 2008 under Uncategorized.
Comments: none
Lack of Information and Parsing Words
Alan Paller of SANS has been talking about cyber extortion attempts of utility companies for over a year now, and we now have Tom Donahue, a CIA-rep, on the record.
“We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands. We suspect, but cannot confirm, that some [...]
Author: Dale Peterson
Posted: January 21st, 2008 under Calculating Risk, US Government.
Comments: 9
Friday (Saturday) News and Notes
Another round of hysteria is launched with the CIA announcing at the SANS Security Summit that hackers had caused power outages in foreign countries. Maybe this helps convince non-believers, but with so little information it is of little value to any control system security professional. These people already know this can be done. Will the [...]
Author: Dale Peterson
Posted: January 19th, 2008 under Uncategorized.
Comments: 4
Bravo FERC!
Today FERC approved the NERC/ERO CIP cyber security standards for the electric industry. This was the right decision to avoid derailing progress.
What is most impressive are the comments in the press release and final rule.
They directed modifications and improvements. This is the Version 1.0, and it will get better and more stringent. Basically NERC/ERO needs [...]
Author: Dale Peterson
Posted: January 17th, 2008 under NERC CIP.
Comments: 2
SANS SCADA Security Summit III This Week
The third edition of the SANS SCADA Security Summit takes place tomorrow and Thursday in New Orleans. I passed on it this year because the agenda seemed highly repetitive of past events, but it is an excellent event for those new to the space or for those who want to network with the community.
One talk [...]
Author: Dale Peterson
Posted: January 15th, 2008 under Conferences.
Comments: 5