Securing ICS Environments

Beyond all the doom-laden headlines on a possible "digital Pearl Harbor" scenario, how great is the actual risk and where is it most likely to emerge?
A complete discussion of the different vulnerability categories, including case studies of vulnerable SCADA HMIs. The paper also provides a guide for vulnerability researchers, as well as vendors on quick and efficient bug discovery.
In the US and other locations worldwide, gas stations are primarily privately owned. While most of them have been modernized, there are still a lot of risks tied to their business, especially those that are connected to the Internet.
This research paper looks at the mining industry as a target for a broad set of threat actors, its role in regional and global supply chains, and its vulnerabilities.
With a little SDR knowledge and a $20 USB dongle, attackers can read unencrypted pager messages from far away. This time, we look at what that means for nuclear plants, HVAC, manufacturers and other industries still using pagers.
A cyber attack on a German steel plant has been confirmed to suffer a significant amount of damage, putting the spotlight on the evident lack of security across a number of different critical facilities and institutions.
This research provides a comprehensive look into the security challenges and attacks on critical infrastructure that member states of the Organization of American States had to face in 2014.
TRITON or TRISIS (detected by Trend Micro as TROJ_TRISIS.A) is a recently discovered malware that was designed to manipulate industrial safety systems and most notably was involved in shutting down an industrial plant’s operations.
As smart devices become more prevalent and are used in critical situations, software developers will have to understand that they now have a greater responsibility to keep their software products safe.
To compete in today’s market driven global economy, businesses opt for control systems that automatically manage processes. ICS enables efficiency, but are connected, heightening threat exposure and corresponding business risks.
By analyzing ICS-CERT advisories and the vulnerabilities provided by our network of world-wide researchers working with the Zero Day Initiative program, it is possible to get an understanding of the attack surface that is exposed by HMI solutions.