SCADA

February 11, 2019

THREAT RESEARCH

What you can learn from Cisco Talos’ new oil pumpjack workshop

Paul Rascagneres wrote this blog post with contributions from Patrick DeSantis from Cisco Talos ARES (Advanced Research/Embedded Systems). Executive summary: Every day, more industrial control systems (ICS) become vulnerable to cyber attacks. As these massive, critical machines become more interconne…

December 20, 2016

THREAT RESEARCH

IEC 104 Protocol Detection Rules

IEC 60870-5-104 Protocol Detection Rules: Cisco Talos has released 33 Snort rules which are used to analyze/inspect IEC 60870-5-104 network traffic. These rules will help Industrial Control Systems/Supervisory Control and Data Acquisition (ICS/SCADA) asset owners to allow the identification of both n…

Don’t play cat and mouse with grid security

Many of us remember growing up watching the TV show Tom and Jerry. Tom always plots to capture Jerry resulting in mayhem and destruction, but Tom rarely, if ever, is able to catch Jerry because of Jerry’s cunningness. Jerry’s ability to beat Tom is more than just luck. It’s his…

HAVEX Proves (Again) that the Airgap is a Myth: Time for Real Cybersecurity in ICS Environments

The HAVEX worm is making the rounds again. As Cisco first reported back in September 2013, HAVEX specifically targets supervisory control and data acquisition (SCADA), industrial control system (ICS), and other operational technology (OT) environments. In the case of HAVEX, the energy industry, and…

Energy Networking Convergence Part 1 – The Journey From Serial to IP

This is the first of a four-part series on the convergence of IT and OT (Operational Technologies). Part 2 will cover the impact of the transition to IP on Physical Security and the convergence of Physical and Cyber Security. Part 3 will discuss the convergence of IT and OT – Operational Techn…

October 30, 2013

SECURITY

Your Device Is Wide Open on the Internet!

Stop-think-connect is not only for kids. Everyone, including nerds like me and network and security professionals, should pay more attention before connecting any device to the Internet. Routers (wireless and wired), industrial control systems, video surveillance cameras, fire alarm systems, traffic…