Friday, February 4, 2011

Cyber Vulnerable

"Cyber Vulnerable" is a new one for me and makes me giggle like a school girl. It's likeable in a way that only unnecessarily adding 'cyber' in front of things can be liked.

Here's the original story.

I do agree with this excerpt, though:
Exclusions for non-routable protocols are ludicrous. They are cyber vulnerable and make up most of the communications in utility operations.
Media converters are rampant in ICS networks and effectively give serial-based devices, which the asset owner intended to 'hide' behind serial communication, an IP address thereby becoming addressable and reachable by a routable protocol.

Is a media converter the new "We're secure. We have a firewall and anti-virus"?

Thursday, January 27, 2011

Schweitzer Engineering Laboratories Cybersecurity Posters

You can find them all here.

There are a few good ones in there, but I can't help adding my own commentary to some of them.

"The best security has many layers...and makes you cry when you try to implement it."

"The best cybersecurity has many layers...and tastes delicious." 
or 
"The best cybersecurity has many layers...and goes well with Freedom Fries."

"What's in Your Computer? Scan Regularly for Viruses...and always check for teh Stuxnet"

"Don't use default passwords...or sharks will eat you."

Thursday, December 30, 2010

YOU could be next

Sent in by a favorite cyber-cynic.

if you don't buy our help you will be assassinated zomg look theres a red dot on your forehead get down get to the choppa nau!

Thursday, December 23, 2010

Tuesday, December 21, 2010

Cyber Terrorist

Julian Assange: A threat to US National Security
Vice President Joe Biden, who appeared on NBC’s Meet the Press this Sunday, hinted that the Justice Department was close to its goal but wouldn’t give too many details. Vice President Biden went on to say that Assange was, what he considers, a “cyber terrorist”.
What kind of terror is Julian Assange inflicting? So far it seems like the kind that inspires CYA and a bit of bureaucratic chaos.

2009 Brazilian blackout

Wired has a follow up piece on this story after WikiLeaks leaked cable shed some light on the situation:
The Nov. 10, 2009, blackout came just two days after the CBS News magazine 60 Minutes reported that an earlier outage in the Brazilian state of Espirito Santo in 2007 was the work of hackers. And it came just one day after Threat Level reported that, no, it wasn’t.

Cyberspies have penetrated the U.S. electrical grid

One of my all time favorites from the Wall Street Journal.

"Electricity Grid in U.S. Penetrated By Spies"

Here are some choice quotes:
The spies came from China, Russia and other countries, these officials said, and were believed to be on a mission to navigate the U.S. electrical system and its controls. The intruders haven't sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war.
 It shouldn't be too hard for them to find and infiltrate generation sites when they're all public knowledge.
The espionage appeared pervasive across the U.S. and doesn't target a particular company or region...
Yes, this sounds like espio^H^H^H^H^Hmalware.
Many of the intrusions were detected not by the companies in charge of the infrastructure but by U.S. intelligence agencies, officials said. Intelligence officials worry about cyber attackers taking control of electrical facilities, a nuclear power plant or financial networks via the Internet.
Worried, but not worried enough to do anything about it? I would hope that some sort of notice took place. I've read enough spy novels to let my imagination run wild and I've seen enough installations to have that imagination brought back to reality. Must be the cynic in me.