Archive for 'Remote Access'
Emergency Remote Access Clarification / CIP
NERC has just issued the first Clarification Application Note [CAN] related to the CIP standards. The CAN process should be very helpful for owner/operators, vendors and auditors by removing some of the interpretation on what the standards mean and require. That said, the answers in a CAN may be very unpopular and in some cases [...]
Author: Dale Peterson
Posted: June 23rd, 2010 under NERC CIP, Remote Access.
Comments: none
Code signing, misconceptions and realities
Code signing is a security feature that has been around for quite some time, and has been proven in many other areas, but is uncommon to find it in any control system component and very rare to find in control devices where firmware uploading is an important feature. Without a doubt the technology is useful, [...]
Author: Daniel Peck
Posted: May 20th, 2010 under Authentication, Patching, Remote Access, SCADA Architecture.
Comments: none
Smart Phones as Threat Vectors
The newly appointed “Cyber Security Czar”, Howard Schmidt recently noted that he considers smart phones and such devices one of the largest areas of concern for cyber security. Saying “What they’ve been attacking on the desktop they’ll starting attacking in our mobile devices as they become more like PCs in our pockets. We can’t wait [...]
Author: Kevin Lackey
Posted: January 13th, 2010 under Big Picture, Remote Access.
Comments: none
External Connections
When stories about Internet based attacks on control systems, like the 60 Minutes story, appear on sites like Slashdot, most people question the need to attach the control network to another network. In my previous position at a National Laboratory, I have seen proper network segregation implemented successfully, though at times it can be a [...]
Author: Charles Perine
Posted: November 12th, 2009 under Authentication, Big Picture, Firewall / Perimeter, Remote Access, SCADA Architecture.
Comments: 5
There is an app for that!
Recent news notes that the first iPhone worm is making the rounds. It takes advantage of default passwords in jailbroke iPhones. The hack was first demonstrated as a “Riuckroll” joke exploit and dubbed the ikee worm, but wily hackers have used the initial prank worm to engineer a worm that collects data and downloads user [...]
Author: Kevin Lackey
Posted: November 12th, 2009 under Calculating Risk, Remote Access.
Comments: 2
Control System Data on Your Blackberry, iPhone, …
I’m out at the OSIsoft T&D Users Group in Portland this week. Transpara, one of the OSIsoft partners, is showing PI displays sent to Blackberries, iPhones and other mobile devices. People were walking up with their phones and getting demo’s right on their phones. Essentially you navigate to a web page on a web server [...]
Author: Dale Peterson
Posted: September 17th, 2009 under Calculating Risk, Control System Vendor, Remote Access.
Comments: 5
Time to Revisit Dial-up Security
For those who were counting on war dialing being hacker passé, you may want to think again. A new tool (WarVOX) was made public this week that, using VOIP services, is able to scan a 10,000 number exchange in eight hours or less. It might be time to check those modem lines for “emergency” support [...]
Author: Jason Holcomb
Posted: March 5th, 2009 under Field Communication, Remote Access, Security Tools.
Comments: 2
Secure Remote Access RFI
Pacific Gas & Electric (PG&E) has a Request For Information (RFI) out for:
“a Gatekeeper system of hardware and software to provide secure remote access to the devices attached to its packet-routed Operations Data Network”
We have tried to identify and send the RFI to potential solutions but there is always a chance there is some hot, [...]
Author: Dale Peterson
Posted: September 18th, 2006 under Remote Access.
Comments: none
KVM over IP for Field Access?
A reader question – -
A client has asked to implement KVM over IP as the remote access solution to RTU in the field. I have been trying to find information if the industry approves or disapproves this.
Cheers, Jamie
The main security issue is the IP connectivity, not the KVM itself. It extends the routable network perimeter, [...]
Author: Dale Peterson
Posted: March 9th, 2006 under Remote Access.
Comments: 3
New, Leading (Bleeding?) Edge Control System Security Products
I will highlight one of the ten presentations in the Critical Infrastructure track of the InfraGard National Conference each week. I’ve challenged the industry to come up with some new and exciting ideas and information. The Conference is in Washington D.C. , August 9 to 11.
New, Leading (Bleeding?) Edge Control System Security Products
Control system networks [...]
Author: Dale Peterson
Posted: May 25th, 2005 under Remote Access.
Comments: none