Yesterday I received a few of the Raven ZigBee USB sticks with the KillerBee firmware loaded on it, thank you Joshua Wright. I grabbed the latest version of Killerbee and started playing around with KillerBee and the ZigBee sticks. KillerBee is an 802.15.4 exploration and exploitation framework. It was extremely easy to get running, I [...]

Loyal blog readers know we have been talking about and tracking the increased use of cellular modems in SCADA systems. These are often accessible from the Internet, almost always accessible by other users with service from the same cellular company, and so far always been installed in the default, insecure installation. So a recent article [...]

Yesterday I blogged on the scan results, configuration issues and increasing use of Verizon, AT&T and other carriers’ broadband services for SCADA. Today I’ll address the question of whether these networks should be used in SCADA systems. Like most security questions, the answer is not yes or no.
A prerequisite to even considering use is securing [...]

I’ll start with the stats: we found 1,420 Raven Airlink devices in a wireless class B network that any customer with a wireless card from the carrier could access. These are ruggedized devices with Ethernet and serial connectors used for sending monitoring and control data back from the field.
We read way too many articles about [...]

We are two weeks away from S4. Still time to sign up to be a physical or virtual attendee.
Digital Bond’s 4th Annual SCADA Security Scientific Symposium [S4] is being held January 20 – 21 in warm and sunny Miami Beach. S4 is a bleeding edge research event where technical papers are presented in detail [...]

I will be previewing some of the papers and presentations in this year’s S4 over the next few weeks.
Digital Bond’s 4th Annual SCADA Security Scientific Symposium [S4] is being held January 20 – 21 in warm and sunny Miami Beach. S4 is a bleeding edge research event where technical papers are presented in detail to [...]

Earlier this month Ramtron International announced their new MaxArias, an RF-enabled F-RAM chip, product line. They are currently beta sampling it with several customers in different industries and will launch it in Q1 2010. This product enables RF based read/write applications at a distance of 10 meters. Furthermore, they target several industries and their product could [...]

I’m at ISA Expo in Houston and just finished walking the floor. One word for now – wireless. More from the floor later. I also have recorded some interviews so a podcast will be forthcoming
ISA has set up in a “Security Lounge” in the 2700 Aisle at the show. It is spacious, has comfortable sofas, [...]

First – Don’t forget to get your abstracts in to present a paper at S4 2010 in January in beautiful Miami Beach.
This weeks online paper from past S4 events is the Goodspeed, Highfill and Singletary paper, Low-level Vulnerabilities in Wireless Control Systems Hardware. It was the first S4 paper to look at hacking hardware to [...]

First – Don’t forget to get your abstracts in to present a paper at S4 2010 in January in beautiful Miami Beach.
This weeks online paper from past S4 events is Jake Brodsky and Tony McConnell’s paper “Jamming and Interference Induced Denial of Service Attacks on IEEE 802.15.4 Based Wireless Networks”. [Note - Fixed Link] This [...]