“I believe that this nation should commit itself to achieving the goal, before this decade is out, of landing a man on the moon and returning him safely to the earth. No single space project in this period will be more impressive to mankind, or more important for the long-range exploration of space; and none […]
Results from ThreatConnect webinar on mitigating risks in critical infrastructures and on-going actual risks
July 21, 2021, I participated in a live webinar discussion, hosted by ThreatConnect’s Dan Verton, on mitigating risk in critical infrastructures with Bob Kolasky from DHS CISA and Tim Grieveson from Aveva. The webinar link can be found at ThreatConnect Podcast Ep. 21: Mitigating Cyber Risk in Critical Infrastructures I met Dan in 2001 when […]
ThreatConnect July 21, 2021 webinar on mitigating risks in critical infrastructures
July 21, 2021 from 1-2pm EDT, I will be participating in a live webinar discussion on mitigating risk in critical infrastructures with Bob Kolasky from DHS CISA and Tim Grieveson from Aveva. The link can be found at https://threatconnect.com/mitigating-cyber-risk-in-critical-infrastructure/.
Sensor monitoring technology can make critical infrastructures less attractive targets for ransomware
Ransomware and other IT-originated cyberattacks can affect control systems when IT networks are connected to OT networks or insecure IOT devices are connected to OT networks. Off-line sensor monitoring technology doesn’t stop a ransomware attack, rather the technology is oblivious to the ransomware or IT attack. The off-line process sensor monitoring can provide real time […]
Applying Cryptography to Control Systems
Dale Peterson says let’s not continue to wave our hands about the use of Cryptography in the lower layers of control systems. I agree. He’s proposing that we build on Cryptography use cases as they are known now. That’s a start, but this is where most people reach the end of their knowledge and then […]
It may not be possible to recognize a “Cyber Pearl Harbor” as a cyber event
Ransomware attacks will continue to occur as they are so profitable. Unlike control system cyberattacks, network cyberattacks are short-lived as they do not damage critical hardware which is why network cyberattacks are not a “Cyber Pearl Harbor”. Yet that is the government and industry’s focus. For control systems, it is the opposite. When a control […]
Food For Thought: How Hackers Are Using Your Control Systems to Launch Cyberattacks
I did a podcast with Erin Hallstrom of Putman’s Food Processing on the global threat to food safety. The podcast was issued June 25, 2021 – Food For Thought: How Hackers Are Using Your Control Systems to Launch Cyberattacks
July 1st Air Force Cyber College Control System Cyber Security Seminar
July 1, 2021 from 1:00-2:00PM CDT, I will be presenting “Beyond Ransomware – Cyber Security is More than IT” to the US Air Force Cyber College. With the spate of public disclosures about ransomware incidents, why are the Chinese transformer case, SolarWinds impacts on control systems, and other actual control system incidents not being discussed? It […]
Time to start thinking of your operations as a target
“Whenever you do a thing, act as if all the world were watching”[1] – Thomas Jefferson Jake Brodsky shared an article about another water utility incident and went on to write a blog about it ( https://scadamag.infracritical.com/index.php/2021/06/17/yet-another-water-plant-at-risk/ ). Both of these got me thinking. Assuming there is a desire for achieving excellence is there something […]
Yet Another Water Plant at Risk?
It’s Thursday, June 17th and yet another water utility got hacked using Teamviewer and an account that should have been removed. Ladies and Gentlemen of the water utility business: Please get more serious about how you manage remote access. If you don’t absolutely need it, don’t use remote access software. If you have people on […]