We hear a lot about vulnerabilities in industrial control system (ICS) software. In fact, that’s all we seem to hear about these days. The truth is: there’s a lot to write about. In just the last month, the Department of Homeland Security’s ICS-CERT warned its members about the ability of sophisticated – and even unskilled – attackers to use tools like the Shodan and ERIPP search engines to locate and attack vulnerable industrial control systems (PDF) that are accessible from the public Internet. In the meantime, every couple of weeks brings revelations about serious and remotely exploitable software holes. Most recently, ICS-CERT warned about a critical vulnerability EOScada (PDF), a Windows-based Energy Management System that is used to configure and manage intelligent electronic devices (IEDs) used in electrical, water, sewage and gas applications. But what about real evidence of compromised SCADA and industrial control systems? That’s a taller order. After all: most […]
Recent Posts
Medical Pumps Recall: Bug Causes Inaccurate Readings on Touchscreen
Mobile phones aren’t the only products to benefit from nifty touch screen displays. A whole range of medical devices now sport them, also – as any trip to your local emergency department (or dentist’s office) will reveal. Unfortunately, many of those devices are just as balky and bug ridden as your average mobile phone -despite the fact that patients’ lives can rely on them. And this week, there’s more evidence of the lurking epidemic of shoddy, IP enabled medical devices. The medical device maker Hospira issued a voluntary, nationwide recall of its Symbiq brand infusion systems after discovering a software error that caused the touch screen interfaces on the devices to respond incorrectly to user input. The problem could result in “a delayed response and or the screen registering a different value from the value selected by the user,” the company said in a statement. Symbiq is a drug infusion […]
Forget Cyberwar, Sandy Puts Continuity Plans To the Test
We’ve all read a lot about the potentially devastating impact of a pre-emptive, nation-state backed cyber attack on our critical infrastructure in recent years. Why, it wasn’t more than two weeks ago that Defense Secretary Leon Panetta warned about the dire consequences of a “digital Pearl Harbor.” An “aggressor nation or extremist group,” he warned “could use these kinds of cybertools to gain control of critical switches … [and] derail passenger trains, or even more dangerous, trains loaded with lethal chemicals,” according to a report in Stars and Stripes. “They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country.” It’s scary stuff, for sure. But not unprecedented. In fact: anyone on the Eastern Seaboard of the United States can look out their window right now and see a major dry run (more like a wet run) of a massive […]
FBI Surveillance of NY Fed Terror Suspect Included Facebook Chats
The FBI’s surveillance of Quazi Nafis, the alleged terror suspect who tried to blow up the New York Federal Reserve Bank, included Facebook chats between Nafis, a co-conspirator and a confidential FBI source, according to a copy of the indictment released on Wednesday. The indictment details a months-long investigation of Nafis, a 21 year-old Bangladeshi and Queens, New York, resident who entered the U.S. on a visa in January, 2012. While much of the surveillance consisted of recorded phone- and in person conversations, Nafis also used Facebook in July to debate with his co-conspirators about whether his planned act of jihad was sanctioned under Muslim law. Nafis was arrested in New York’s financial district Wednesday after he attempted to detonate what he believed was a truck bomb parked outside the New York Federal Reserve bank. The bomb was assembled by Nafis and a co-conspirator using inert materials supplied by the […]
Are Security Firms Ducking Attribution for VOHO? (Rhymes with ‘Carolina’)
RSA left few stones unturned in its recent report (PDF) on the so-called “VOHO” attacks against pro democracy, military industrial base and high finance firms. But one question that was notably left unanswered was perhaps the most important: “Who, or what, was behind the attacks?” Now the lead RSA security researcher trusted with analyzing the malware used in recent “watering hole” attacks tells Security Ledger that the malware left some clues as to the origins of the attacks, which affected tens of thousands of systems in more than 700 organizations, but not enough to conclusively link VOHO to a specific group, country or actor. “It’s hard to tell,” said Chris Elisan, a Principal Malware Scientist at RSA and the lead investigator into the malware used in the VOHO attacks. “The malware is only part of it,” he said. Other parts of what Elisan called the “attack chain” are needed to identify […]
