(cross-posted from the SCADASEC mailing list – posting was reply from Marina Krotofil) A couple of other friends reached out and asked for more details and more thoughts.So I wanted to add a couple more things. Note, that I do not havevisibility into the EXACT configuration of LvivTeploEnergo infrastructure,which is insanely complex as well as […]
Category: Protocol
Report of another PLC compromised using cyber means
(cross-posted from the SCADASEC mailing list – posting was reply from Marina Krotofil) I just went through the Dragos report, the Wiredarticle, the Ukrainian sources, Nozomi report, some more foreign articles,Medium articles, Dale Peterson opinion piece, CERT-UA page, spoke to someICS folks who already looked into the sample, and I have so many questions. 1. […]
Control system cyber incidents are much more plentiful than people realize
Control systems are systems of systems. Consequently, when one device or system is compromised, it can impact many others, potentially numbered in the tens to thousands. If I were to have counted all of the individual cases, my database would have almost 12 million control system cyber incidents. The insurance industry and credit rating agencies […]
Monitoring RTU flags for SCADA Integrity
I wrote that there would be more about this subject in my earlier blog about self integrity monitoring at the Physical Layer of a SCADA system. In this discussion I will outline some things we’re doing to test for self integrity at the RTU level of a SCADA system. Some of you may know that […]
SCADA Radio follies
I maintain several SCADA masters with licensed MAS radios. The older radios had served us long and well. However, we’re starting to see failures on the back side of the classic bathtub curve. Two days ago, we installed a new radio at one of our smaller master sites. This was our first swap-out of a […]