Recent attacks on the third-party data system of several U.S. pipeline companies highlight the persistent need for better ways to secure industrial control systems (ICSs), particularly when third-party software is in use, security experts said.
Podcast Episode 90: WannaCry zombie haunts Boeing, UL tests for cyber security and Harvard war games election hacking
Podcast: Play in new window | Download (Duration: 48:33 — 55.6MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s podcast, Episode #90: has the WannaCry ransomware returned from the dead? We talk with an expert from Juniper Networks about what might be behind the outbreak at Boeing. Also: Underwriters Lab and Johnson Controls join us on the podcast to talk about a recent milestone: UL’s award of the first ever Level 3 certificate for cyber security. And we speak with one of the organizers of one of an election security table top exercise last week at Harvard’s Kennedy School.
Podcast: Play in new window | Download (Duration: 1:19:19 — 90.8MB)Subscribe: Android | Email | Google Podcasts | RSSIn this, our final episode of 2017, we look back at our most popular segments from the past year – many of which touched on issues that (surprise, surprise) crossed the boundary between information security and politics. Among the most popular segments were discussions of hacking the U.S. election systems, a primer on the cyber capabilities of North Korea with Crowd Strike, a conversation of the case against the Russian firm Kaspersky Lab and an interview with the guy who helps make the hacking scenes in the USA Network’s Mr. Robot look so real.
Hackers believed to be affiliated with a nation-state hacked into emergency shutdown systems at a facility in the Middle East. The attack seemed intended to “cause a high-impact attack with physical consequences,” according to reports from a number of cyber security firms.
Researchers at CyberX say they have found a way to sneak sensitive data off of industrial control system networks using radio frequency communications. The attack could be used to compromise so-called “air gapped” networks that are not connected to the Internet.