More ICS Passwords Hardcoded In Firmware

By Robert Vamosi | 5/28/13 2:31 AM

Hard-coded user accounts have once again been discovered in systems used for Industrial Control Systems.

Read More >

The Power of Shodan

By Robert Vamosi | 8/3/12 2:10 AM

Did you know there are hydrogen fuel cells attached to the Internet? According to one researcher there's a lot more of the Internet of Things that's accessible from the search engine Shodan than first meets the eye.

Read More >

Does ICS Need A DEFCON Readiness Condition?

By Robert Vamosi | 5/17/12 8:43 AM

With attacks increasing on Industrial Control Systems, it has been suggested that this critical infrastructure in particular have a state of readiness similar to the DEFCON status used in warfare.

Read More >

The 2010 Rise of Stuxnet and Other Security Shake-Ups for Industrial Control Systems

By JDavis | 2/15/11 6:18 AM

The state of cybersecurity for industrial control systems is weakening while the push for productivity is at large. As industrial and corporate networks have become united, this has complicated the interconnectedness of their control systems. The result has been the increased vulnerability to security threats, many of which are the same that plague enterprise networks, and many that are new sources that these devices were never designed to handle.

Read More >

Search Engine Serves Up Vulnerable Industrial Systems

By JDavis | 11/9/10 11:52 AM

A new search engine -- one that scans the internet for devices and servers rather than websites -- is making it even easier for hackers and other malicious criminals to find and exploit critical infrastructure and industrial control systems.

Read More >

60 MINUTES: Devices Controlling National Infrastructure Have Already Been Hacked

By JDavis | 6/13/10 10:50 AM

In a comprehensive investigation into the vulnerabilities of US critical systems, (including financial, utility and military infrastructures), 60 Minutes recently reported that some of the country's top security experts believe the US to be unprepared for the serious threats posed by targeted cyber attacks.

Read More >

Depsite IT, Industrial and Utility Security Still Weak

By JDavis | 5/17/10 9:19 AM

In a comprehensive interview with CNET News, security expert Joe Weiss -- an authority on cybersecurity in the industrial and utilities industries -- discusses the ongoing disconnect between IT security and the world of critical infrastructure. (A subject we've discussed before).

Read More >

New Embedded Device Security Specs Now Online For Comment

By JDavis | 5/3/10 8:17 AM

The ISA Security Compliance Institute announced on April 27 that two of three main elements of its ISA Secure Embedded Device Security Assessment (EDSA) have been made available for public comment. As outlined on the ISCI website, this certification will provide an industry-qualified benchmark for security in future embedded devices aimed specifically at industrial control and automation settings.

Read More >

Industrial Control Systems Hit by Malware

By JDavis | 4/15/10 11:21 AM

A new report from the Repository of Industrial Security Incidents (RISI) shows that, over the past five years, the industrial control systems that run utility plants--including power, water, and wastewater--are increasingly subject to security breaches involving malware and viruses. And this is despite only 10 percent of industrial control systems being directly connected to the internet.

Read More >

Blogger: Security Mainstream Still Ignorant of Security Problems in Industrial Controls & Embedded Devices

By JDavis | 3/22/10 7:44 AM

We've previously posted about the concerns surrounding the state of Industrial Control Systems cybersecurity. And after this year's RSA Conference--billed as the most comprehensive forum on information security--at least one ICS security expert is troubled about the continued lack of progress in this field.

Read More >