Cyber Security: ENISA White Paper: Can we learn from Industrial Control Systems/SCADA security incidents?
14 Oct 2013
The EU’s cyber security Agency ENISA released a white paper today, giving recommendations regarding prevention and preparedness for an agile and integrated response to cyber security attacks and incidents against Industrial Control Systems (ICS)/SCADA. The Executive Director of ENISA Professor Udo Helmbrecht commented: SCADA systems are often embedded in sectors that are part of a nation’s critical infrastructure, for example power distribution and transportation control, which makes them an increasingly attractive potential target for cyber attacks, ranging from disgruntled insiders and dissident groups, to foreign states. Such systems should be operated in a manner which allows for the collection and analysis of digital evidence to identify what happened during a security breach.
Video on major cyber incident reporting in the electronic communications sector
14 Oct 2013
Since 2009, EU legislation (Article 13a in the Framework Directive of the Telecom Reform) has asked EU countries to ensure that electronic communications service providers are taking the right steps to protect their networks and services from incidents. Article 13a also obliges providers to report significant outages to government authorities and, in turn, asks government authorities to share these reports with the European Commission and ENISA. To highlight the importance of incident reporting and to explain how the Article 13a Expert Group works, ENISA has made a 5-minute video containing interviews with ENISA experts and some of the key stakeholders.
This article is based on presentations made at the 2013 ISA Water/Wastewater and Automatic Controls Symposium on 7 August 2013 (www.isawwsymposium.com). Network security for water sector process control systems (PCS) is increasingly important and ever evolving due to the need for secure and reliable control systems. The approach for a multilayered water sector PCS using VLAN segmentation for subnetworks provides a foundation on which secure PCSs can be developed. By using strategies and tools such as the four-phase process of assessment, design, implementation, and procedures/maintenance, a water sector PCS network can be customized to provide a secure and manageable PCS network.
Security patches can impact reliability and safety and people aren’t aware!
8 Oct 2013
ICS vendors ask if their utility has kept current with the latest security patches. The answer is that the engineering supervisor does not know. The ICS vendor’s technical documentation usually does not identify recommendations specifically as security patches. Consequently, even though the utility is up to date with all patching, including security, the engineering supervisor does not realize that security is included.
Internet Census 2012 data: millions of devices vulnerable by default
8 Oct 2013
An Australian researcher with access to the data collected by the Carna botnet, also known as the Internet Census 2012, enumerated and analyzed devices exposed to the Internet in the IPv4 address space and found a number of troubling trends. The security of embedded devices and the insecure practice of not removing default credentials is a huge issue, in particular with SCADA and industrial control system equipment.
The United States, together with Mexico and Canada, will hold the largest "electrical blackout" emergency drill in history. More than 5,800 electrical installations throughout North America will participate, along with thousands of employees and members of Civil Protection, Homeland Security and the FBI. On 13-14 November 2013, all of North America will be left in the dark by a solar storm or a large-scale cyber-terrorist attack, but only on paper.
HD Moore, principal investigator at Rapid7 and founder of the Metasploit Project, has launched the Sonar project to promote the discovery and reporting of security vulnerabilities in the software and hardware of online providers. The Sonar project is a community effort to improve security through active analysis of public networks. This includes running scans against public Internet-facing systems, organizing the data and sharing the results with the community. The three components of this project are tools, data sets and research. The Rapid7 site is used to publicize, document and discuss these components.
Spain advances in the protection of critical infrastructure against cyber attacks
8 Oct 2013
In Spain, cybersecurity is a relatively new field, although certain companies have long been incorporating measures to prevent cyber threats, and legislation has also begun. The National Center for Critical Infrastructure Protection (CNPIC) has existed since 2007, but its operation was not formalized until the law came into force. The CNPIC has a team of specialists and tools, called INTECO-CERT, to respond in case of a threat or an attack on a key computer system.
INTECO participated in a meeting in Tallinn (Estonia) organized by ENISA, the European Network and Information Security Agency, in collaboration with the Estonian information systems agency, EISA (https://www.ria.ee/en/). Miguel Herrero, INTECO security expert, presented the SCADA LAB project, explaining the test environments that exist nationwide. In particular, he highlighted the activities carried out by INTECO in the European project SCADA LAB as a first approach to this type of environment.
Successful conclusion of 2nd International Conference on Cyber Crisis Cooperation and Exercises
8 Oct 2013
ENISA concluded the 2nd International Conference on Cyber Crisis Cooperation and Exercises, which took place in Athens, 23-24 Sept. The conference gathered more than 120 key international policy and decision makers in cyber-security, who came from more than thirty different public and private organisations. The focus of this year’s conference was on cyber crisis cooperation and exercises, and international cooperation during a crisis, and it included topics such as information gathering and common situational awareness, escalation processes and procedures, cyber crisis management in a crisis management context, cross-country cyber exercises, alerting systems, means and tools of information exchange for cross-border NIS cooperation, and communication, managing public relations and media in the case of a major cyber incident.