The European Network and Information Security Agency (ENISA) just released a new study this month that looks at protecting the security of industrial control (or SCADA) systems (ICS).
The study recognizes that industrial control systems are truly a strategic asset and must be protected against the rising potential of cyber terrorist attacks with Keep reading →
It is getting to the point that those reporting acts of cyber aggression, particularly in the area of cyber espionage, think they are in a repetitive do-loop. It is the same story over and over again with the only difference being the list of victims.
The news of late has been the discovery of yet another sophisticated cyber attack that resulted in the collection of untold information, some general some sensitive, from the business community as well as defense contractors and government officials. Keep reading →
Cyber intelligence has emerged as the single most critical element in cyber defense. The private sector owns and operates the vast majority of the U.S. critical infrastructure which has become a high value target for those who wish to harm the United States. In addition, the private sector produces a substantive portion of the technology used to defend the nation, which if compromised could be very damaging.
On Dec. 1, 2011 the House Permanent Select Committee on Intelligence Committee Chairman Mike Rogers introduced what is being called a ground-breaking piece of legislation. Keep reading →
Ever since the discovery of the Stuxnet cyber attack on Iran’s nuclear enrichment program and the assignation of Iran’s chief Stuxnet Investigator, Iran has been hell-bent on developing offensive and defensive cyber capabilities.
Over this past year or so numerous comments about the cyber domain that have come out of Tehran and recently the leader of Iran’s Cyber Defense Organization, Brigadier General Gholam-Reza Jalali stated that Iranian computer experts are adequately prepared to defend the country against any possible cyber attack. Based on open sources they seem to have put cyber intelligence secondary to attack and defensive capabilities. Keep reading →
Terrorist groups have primarily used physical attack modalities in their efforts to undermine society. Those methods now include cyber attacks.
International sources have released information that British intelligence services have intercepted communications–that they term chatter–that suggest terrorist may be planning a cyber attack on British infrastructure.
As Britain has modernized over the years they have become much more reliant on computer, digital communications and networks. That reliance is very tempting to adversaries. The face of terrorism has continued to change year after year. They adapt, innovate and morph their strategies and tactics. Keep reading →
Last week word began filtering out about a suspected cyber attack on a water treatment system in Illinois. After a preliminary investigation into a pump failure, the issue quickly became a cyber incident.
Further analysis suggests that the actual breach and malicious activities began a couple of months ago. Workers at the water treatment facility determined the system had been hacked and the IP address used to carry out the cyber sabotage was tracked back to a computer in Russia. Keep reading →
As I write this article, there are currently more than 10 different bills being evaluated in various Congressional committees, all of which address some aspect of cybersecurity.
Many of these bills are large, over-arching concepts – FISMA 2.0 and the like. But many others are being developed to address the specific risks and threats of certain types of systems, from “critical infrastructure” (generally regarded as assets that associated with energy production and distribution, the food supply, and national defense), to financial systems, healthcare and pharmaceuticals, and other industries. Many of these bills – if passed and signed into law – will mandate industry-specific security controls, risk calculations, and other requirements for private organizations. Keep reading →