Most in this business know who Brian Krebs is. He is well known for looking in the dark corners of the Internet for all sorts of obnoxious evil and documenting it. In the last day or two, he encountered what appear to be record levels of traffic aimed against his web site. His host, Akamai, […]
Category: General Topic
Will the next “revolution” in information and communications technologies follow the same fate of failed political ones?
Political revolutions have a tendency to backfire. The high ideals of “liberty, fraternity and equality” behind the 1789 French Revolution ended with the guillotine. In the Russian Revolution of 1917 the promises of “peace, bread, and land” led to the Gulag. Even technological revolutions of the past had have downsides to them. One possible cause […]
Security Wrongs and Rights
I’m noticing a disturbing trend of late: Some end-users are actively trying to impose security from outside staff upon operations. In fact, some vendors are suggesting that this is a good thing to do. Sadly, imposing security on others is a doomed effort. They’re going to fail badly because they’re not thinking ahead of the […]
Meditations on Icelandic tomatoes and the challenge of raising cybersecurity awareness
Raising the awareness for a cybersecurity practitioner about the vulnerabilities of IT and Industrial Control Systems to today’s threats emanating from cyberspace can sometimes resemble the hopeless task of Sisyphus(1). The practitioner has the knowledge but it is not an easy thing to convey the concerns to higher management that may not be as technically […]
To prevail against the cat, the mouse must know the cat … and read some Sun Tzu
Last year I listened to a lecture on cybersecurity which included a prediction that we may be entering an age of “unhackable” equipment. The idea was that it will be possible to apply new encryption algorithms and improve the security aspects of hardware enough to make them immune to cyber-attacks (https://www.youtube.com/watch?v=kBXGRkan7rY ,see at 4 min. […]
Seeking to Develop Exercises That Test Response Capabilities to Any Threat & Add Value
Conducting an exercise can be a very useful tool for testing policies, procedures and actions of institutions for dealing with a perceived threat scenario. It offers the advantage of providing an idea of what would really happen if the worst was to happen without doing any real damage. It can provide answers to questions without […]
Smart Technology That Isn’t So…”Smart”
During the week of July 17th, I attended and spoke at the “Business Opportunities Gateway Forum – Electrical Power and Energy” which was held in Vilnius and organized by the Society of Electrical and Electronic Engineers in Israel. I looked forward to this event for the opportunity to spend some time with engineers and talk […]
Complexity or Not?
At Digital Bond’s website, Mike Toecker makes a case for complex control systems in that complexity often brings efficiency and performance with it. While efficiency and performance are certainly noble goals, they’re not the only ones. If you’re in Critical Infrastructure, there is another goal that gets a higher priority than either of these two […]
Did a “Ninja Squirrel” Cause the Northeast Blackout in 2003?
As many people discovered from the postmortem of the Northeast Blackout of 2003, it was a widespread power outage that occurred throughout parts of the Northeastern and Midwestern United States and the Canadian province of Ontario on Thursday, August 14, 2003, just after 4:10 pm EDT. Some power was restored by 11 pm; however, many […]
Complexity – The Difference Between a Widget and a Thingy
I was discussing this with Bob and he pointed an interesting word use I had stumbled upon: Thingy. Bob pointed out that a thingy is what people call things they don’t understand. A widget is a thing that you do understand. Our SCADA systems used to be composed of widgets that we could work on. […]