Electrifying: Play-By-Play
via William Knowle's Infosec News (a security news compilation organization), comes this fascinating North American Electric Reliability Corporation (NERC) report document (expertly presented by E&ENews Reporter Blake Sobczak) - ostensibly, a 'play-by-play' of the first cyberattack of a US Energy Utility. Think it can't happen here? It already has...
"But the March 5 event was significant enough to spur the victim utility to report it to the Department of Energy, marking the first disruptive "cyber event" on record for the U.S. power grid (Energywire, April 30). The case offered a stark demonstration of the risks U.S. power utilities face as their critical control networks grow more digitized and interconnected — and more exposed to hackers. "Have as few internet facing devices as possible," NERC urged in its report." - via E&ENews reporter Blake Sobczak
DEF CON 27, Early Release, WillC's 'Phreaking Elevators' →
ICS Attacks, The Real National Emergency
News, via the astonishingly prolific security writer Dan Goodin, editing, and reporting at Ars Technica, tells the tale of oil and gas network attacks in the United States, by a group monikered Xenotime. Think we're protected? Think again. Read the Dragos security researcher's post for truly concerning national security relevance.
"The group, now dubbed Xenotime by Dragos, quickly gained international attention in 2017 when researchers from Dragos and the Mandiant division of security firm FireEye independently reported Xenotime had recently triggered a dangerous operational outage at a critical-infrastructure site in the Middle East." via Dan Goodin, Security Editor reporting at Ars Technica
##
"Ultimately, XENOTIME’s expansion to an additional ICS vertical is deeply concerning given this entity’s willingness to undermine fundamental process safety in ICS environments placing lives and environments at great risk. - via Dragos
When a Tree Falls in St. Louis, Will the Power Go Out?
A superlative bit of combinatorial scholarship coming out of St. Louis University, where Sean Hartling, Vasit Sagan, Paheding Sidike, Maitiniyazi Maimaitijiang and Joshua Carron have lashed-up geospatial sciences, machine learning, UAVs, and no-small level of intellectual virtuosity to study trees, the natural felling thereof, and power outages. Todays' Must Read for you ICS Boffins and Foresty geeks (while not ignoring the AI, ML, UAv and Network Information Security types as well).
"At SLU, geospatial science meets machine learning. In a study recently published in Sensors, Saint Louis University researchers paired satellite imaging data with machine learning techniques to map local tree species and health. The data generated by the project will help inform best practices for managing healthy green spaces as well as trimming programs to avoid power outages following storms." - via Carrie Bebermeyer, Senior Media Relations Specialist at St. Louis University
All's Not Quiet On The SCADA Front →
via Zack Whittaker timely reportage for ZDNet's Zero Day group, his work provides insight to the tangled-web-we-weave in the ICS/SCADA world. This time - the ramifications of a particularly-pesky security flaw in a Schneider product (amongst thousands of other known bugs in hundreds of other software packages coupled with poor software management practices in the industrial control systems sector combine to make a very poor nap at the control boards, indeed. Just ask Homer! Today's Critical Must Read Choice.
"It's the latest vulnerability that risks an attack to the core of any major plant's operations at a time when these systems have become a greater target in recent years. The report follows a recent warning, issued by the FBI and Homeland Security, from Russian hackers. The affected Schneider software, InduSoft Web Studio and InTouch Machine Edition, acts as middleware between industrial devices and their human operators. It's used to automate the various moving parts of a power plant or manufacturing unit, by keeping tabs on data collection sensors and control systems. " - via Zack Whittaker writing for ZDNet's Zero Day
Radvanovsky's RuggedTrax →
Bob Radvanovsky, of Infracritical SCADASEC fame and Critical Infrastructure Protection and Cyber Security Researcher, has completed the RuggedTrax project, and published the findings thereto. Outstanding work Mr. Radvanovsky.
Chuvakin, Tanks versus Tractors →
Via Gartner Research Vice President Anton Chuvakin, Ph.D., comes a superb screed prompted by JeepGate. Today's Must Read.
ICS Cyber-Incidents Not Identified, Reported →
In a tour de force post on the Unfettered blog, highly respected Industrial Control Systems Information Security Professional Joe Weiss targets systemic problems in the ICS arena. One of those problems is apparently the correct identification and reporting of security incidents in the ICS realm. If you read anything today on ICS / SCADA information and Network Security, read Joes' blog post - it's simply that important.
NIST Releases Revision 2, Guide to Industrial Control Systems (ICS) Security
The National Institute of Standards and Technology (NIST) has announced the release of Special Publication 800-82, Revision 2, Guide to Industrial Control Systems (ICS) Security. Outstanding.