Tag Archives: ICS

Securing SCADA

  By Hyp0tez | 2011/10/13 - 11:18 | Computer, Security
Kommentering avstängd

Securing scada A pondering upon things within security and SCADA/ICS, do´s and don´ts for a safer everyday operational environment  SCADA Security With the latest newsbuzz, not many have missed out on the fact that our dear SCADA/ICS are under pontentially massive attack. And I could have understood parts of this back in the ”good old days” when there was HackForFame, who wouldnt be g0d-like pwning a powerplant?  but now…. Terrorists: by either religious or political reasons, are … Continue reading

SCADA/ICS ?

  By Hyp0tez | 2011/10/13 - 10:15 | Computer, Security
Kommentering avstängd

What, how and why SCADA System parts Three main elements are part of a SCADA system, Remote Telemetry Units or RTU’s, Human Machine Interface or HMI, and communications. How For the most part, the brains of a SCADA system are the Remote Terminal Units (RTU’s). The RTU collects information at the site, while communications bring the collected information from the different RTU sites to a central location, and on occasion returns instructions to the RTU. … Continue reading

SCADA security (Obscurity)

  By Hyp0tez | 2011/10/12 - 11:54 | Computer, Security
Kommentering avstängd

A little ranting about scada security and some of the problems therein. Imagine going to your economics department asking for exchanging a piece of hardware after 10 years, when the piece of harware has an economical lifespan of 15-20 years. And to the question –”why?” you answer; well NT4 isn´t supported anymore and our SCADA-IT guy retired 5 months ago and he was the only one knowing NT4, the control system for the pumps/turbines/feeders/plc is … Continue reading

SCADA (Un)Security

  By Hyp0tez | 2011/09/23 - 16:29 | Computer, Security
Kommentering avstängd

What is SCADA?   Supervisory Control And Data Aquisition.   So an Overviewing controling data hogging system, – could I then call my wife a SCADA system? you might ask. No, she hasn’t got as much connections to all your processes and aren’t that event driven,(yet, but with the evolution of social networks, we are soon there).   Common use of SCADA is energy/oil/nukelear/heating/cooling and a bunch of other utilities. Some are calling it ICS … Continue reading

Energy RMP

  By Hyp0tez | 2011/09/19 - 23:51 | Computer, Security
Kommentering avstängd

The Department of Energy Releases Draft of Cybersecurity Risk Management Process (RMP) Guideline for Public Comment September 12, 2011 – 10:05am Public-Private Sector Collaboration Produces Guidance to Help Electric Utilities Better Understand and Assess Cybersecurity Risk WASHINGTON, DC – The Department of Energy, in collaboration with the National Institute of Standards and Technology and the North American Electric Reliability Corporation, has released a draft of the Electricity Sector Cybersecurity Risk Management Process (RMP) Guideline for … Continue reading

Morto Worm

  By Hyp0tez | 2011/09/06 - 07:10 | Security
Kommentering avstängd

Sneaking around i found this at the red tiger security site ‘Morto’ worm tries weak passwords and default account names to spread using Remote Desktop Protcol – Basically one would go ….. Hmmm not using good passwords and change them regularly seems kinda ”unsmart”. but thing is that within ICS it seems to be a big thing to be ”old school” and think that they are not a target. Heck if I where a bad guy … Continue reading