X

Ultra Electronics 3eTi

ics cyber security

Cybersecurity Spotlight: Next Generation Firewalls within the ICS Network

September 26th, 2016 / By

A next-generation firewall (NGFW) enforces security policy on multiple layers of the OSI model. In addition to a traditional network layer firewall, an NGFW is able to filter at the application layer as well.


Categories: Industrial Control Systems / Tags: , ,

Defending ICS: How Are We Doing?

August 11th, 2016 / By

Seven months have passed since the Department of Homeland Security issued Seven Strategies to Defend ICSs and the time seems ripe to consider the state of control system cybersecurity.


Categories: Industrial Control Systems / Tags: , , , , ,

When a Nuclear Plant is Hacked, It’s Time for New Best Practices

May 2nd, 2016 / By

As reported April 27, one such incident involved the Gundremmingen plant in Germany that was found to be infected with malware intended to allow remote access. Even though the viruses seem to have posed no threat to operations of the plant 75 miles from Munich, it’s scary stuff when malware finds its way into a nuclear facility, and onto its industrial control system (ICS).


Categories: Cyber Security / Tags: , , , , ,

DHS Offers Industry Seven Steps to Comprehensively Defend Control Systems: 3eTI Weighs In

February 26th, 2016 / By

Days before the New Year rang in, and less than a week after a cyber-attack cut electricity to tens of thousands of Ukrainians, the Department of Homeland Security released new guidance on tightening security in “as-built” industrial control systems (ICS). The recommendations, presented in “Seven Steps to Effectively Defend Industrial Control Systems,” are high-level but clearly support elevating the cybersecurity posture of ICS and critical network infrastructures.


Categories: Cyber Security, Industrial Control Systems / Tags: , , ,

Ukrainian Power Grid Hacked, Lessons Learned

January 7th, 2016 / By

As reported in DataBreachToday and elsewhere in recent days, hackers gained remote access to power production systems in western Ukraine, taking multiple electrical substations offline late last month. The Computer Emergency Response Team of Ukraine (CERT-UA) confirmed that the December 23 blackout, which lasted three hours and darkened about 1.4 million homes, resulted from the BlackEnergy espionage Trojan and KillDisk wiper malware.


Categories: Industrial Control Systems / Tags: , , ,

How to Secure Industrial Control Systems for High Reliability and Robust Performance

September 15th, 2015 / By

I am always pleased to share operationally sound methods for deeply layering security, and I frequently demonstrate live hacks that illustrate how exploits can be countered undetectably to hackers once they’ve breached the firewall — as they inevitably will.


Categories: Industrial Control Systems / Tags: , , , , , , ,

The High Cost of Playing Down ICS Cybersecurity

June 20th, 2014 / By

When Reuters reported May 20 that an unnamed American utility’s control system was hacked, according to the Department of Homeland Security, the story and DHS pointed out that despite no apparent operational impact, the utility probably had been hacked before. The agency’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) said, according to Reuters, that employees probably let the hackers in through an Internet portal that used a password system vulnerable to brute force hacks.


Categories: Critical Infrastructure, Cyber Security, Industrial Control Systems / Tags: , , , , ,