Real-world vulnerabilities in power generation

Schweitzer Engineering Labs has published an excellent paper on the Aurora vulnerability, which was originally discovered by DHS/INL in 2007. (Hint for IT folks: This vulnerability is completely unrelated to the attack against Google.) The paper is a must-read for...

Low-key controller attacks revisited

Discussion in industry forums made me realize that not all of my presentation at WeissCon was properly understood – perhaps for the simple reason that talking about two completely different subjects in one talk can be difficult to follow. Because the subject is...

DHS' new semantic approach to risk mitigation

Marty Edwards, acting director of ICS-CERT, stunned me today at WeissCon when he explained the policy behind how ICS-CERT issues security advisories and alerts. Marty introduced a fresh approach to looking at vulnerabilities by excluding anything that appears not to...

Cyber deterrence debate podcast is online

Brookings has already released a recording of the deterrence debate between Ralph and Dmitri Alperovitch that took place earlier today. The podcast is available...

Killing S7 controllers with Metasploit

Joe Weiss asked me to explain low-key controller attacks at his upcoming security conference in DC, such as what we have recently illustrated with our fourteen-byte time bomb. To make the case even more plausible, we implemented a Metasploit module. After execution,...