October 2012

SCADA Security is a Mindset - ISSSource Explains Why at Belden Design Seminar

Submitted by Heather MacKenzie on Thu, 2012-10-04 10:29

For those of us passionate about industrial security it is great to see it being integrated into networking training as it was at the Belden Industrial Ethernet Infrastructure Design Seminar held near Chicago earlier this week.

The Critical SCADA Security Patch that your Control System Isn’t Getting

Submitted by Eric Byres on Fri, 2012-10-12 21:00

Yesterday afternoon I received a note from another security expert that has left me a bit stunned. Like most of you, I assumed that if you are patching your Windows computers on your SCADA or ICS system (using some variation of Microsoft Windows Update), then any vulnerable services that can be patched will be patched. Well guess again – you may still have a number of open vulnerabilities that are happily being missed by the Windows update service.

SCADA Security: Tofino provides an Alternative to Patching

Submitted by Eric Byres on Wed, 2012-10-17 13:23

Last week I wrote about a serious issue in the patching of SCADA and ICS systems. Just when you think you are installing all needed patches, some critical ones are getting missed.

Shamoon Malware and SCADA Security – What are the Impacts?

Submitted by Heather MacKenzie on Thu, 2012-10-25 21:00

Ed. Note: This is a significant update to an article first published on Sept 25, 2012. The original article is available as a download in Related Links.

SCADA Security Basics: Why Industrial Networks are Different than IT Networks

Submitted by Heather MacKenzie on Wed, 2012-10-31 14:07

Previously we looked at the question of “Why are PLCs so insecure?” Today we are going to come at SCADA security from another angle, which is “Why is securing Industrial Networks different than securing IT Networks?” We will also look at three ways to address these differences.