Please update your browser's security settings.
To maintain the highest security standards, we will be disabling support for browsers using TLS 1.0. Learn more and upgrade your browser here.

 

Entries from April 1, 2011 - April 30, 2011

FPL Wind Farm Hack Disclosure Sloppy

The creator of the Florida Power and Light disclosure did a very sloppy job in trying to pull off that hoax. He uploaded generic HMI screens from a SCADA vendor that does not sell into the wind energy industry, cited the wrong type of control system components, used incorrect names for the facility, and even used graphics from a system that had German words on the HMI. The last time I checked, I don't think we have German system operators running wind farms in the US.

What seems puzzling to many of us in the SCADA indsutry is why would someone go through the process of disclosing such obvious incorrect and inconsistent information? SCADA Security leaks and vulnerabilities impacting critical infrastructure seems to be the new "shinny penny" that gets the media attention these days, so maybe it was done as a way to gauge how quickly it would be picked up in the media. Regardless of the intent of this, at least the lesson we can all learn is how important it is to guard sensitive information about SCADA and ICS systems. We should also as an industry do a better job of qualifying and confirming information disclosures.

Jonathan

Florida Power and Light

It has long been know that employee terminations need to be handled with sensitivity and great care. Even more special attention needs to be placed on the KNOWLEDGE that these individuals have when being let go, or in this case termination.

Florida Power and Light has had what some would conscider a significant breach of their security. In a post on Full Disclosure, a former employee posted several screenshots and a series of details including a core Cisco router config. If this information is confirmed by FPL, this would indicate a very severe event, of which the fallout could be felt for years.

More on this event to follow.

_J

Jonathan Pollet with Red Tiger Security Featured Speaker in Rome, Italy

The AIIC (Critical Infrastructures Italian Association) and GCSEC (Global Cyber Security Center) is hosting a Critical Infrastructure Protection conference on May 31st in Rome, Italy. I have been honored to be the featured speaker at this event, and many thanks goes out to my long time friend Enzo Tieghi for organizing this event.

I will be speaking about the latest APT attacks impacting SCADA Systems and the most common vulnerabilities that we are seeing in the SCADA and DCS assessments we are performing around the world. It should be an excellent information sharing event, and I am also excited to learn about what our friends in Italy are doing about protecting their critical national infrastructure.

The link to the conference site is: http://www.gcsec.org/event/cyber-threats-facing-scada-systems

Drop me a line if you will be in the area - I know I'll be savoring the local Mozzarella di Bufala and Margarita Pizzas :)

Ciao!
Jonathan

Share This Page