I’m glad CISA is providing a companion document w/ the DOJ indictment of the Russian govt operators who targeted ICS. Lots of great info but please don’t follow their mitigation advice for ICS. It’s not practical & in some cases dangerous. A quick thread: https://t.co/Xm0Ke429hL
UPDATE 3: #Ukraine informs IAEA that missiles caused no damage to Kiev radioactive waste facility; IAEA chief @RafaelMGrossi urgently appeals to parties to refrain from military or other action that could threaten safety and security of nuclear facilities. https://t.co/Q4FUtB5fft
There's a lot of hot takes on critical infrastructure and questions about why certain things are "online" in the first place. Just think about what a godsend it is for engineers to manage massive infra remotely. The focus for defense is on the links and software they use.
If we find, whoever it is, targeting ICS. We’ll disclose it. It’s legitimately that simple.
I don’t know why private sector firms pick sides. The side to pick is that of non-combatants. And anyone who served in the military knows that.
A reminder to senior peeps that whatever you do as a manager, exec, or lead IC is noticed by your junior people / direct reports, and they may feel pressured to emulate you. This can be good, but it can also be bad - if you don't take time off, work horribly extended hours, etc.
If you are a critical infrastructure company that experiences a cyber attack and you do not have an actual CISO your Congressional hearing is going to suck.
@hacks4pancakes I’m a recent grad and I’m not too worried. Go to school for EE or CS and get an internship at a utility or some gov infrastructure to fill in the gaps. More ICS curriculum will start to trickle in to unis soon, but you can still be competent in ICS if you augment your learning
I’m proud to announce the most significant update to my SANS ICS515 class to date. The course is renamed as a result to “ICS Visibility, Detection, and Response”, is now a 6 day class, has a whole new PLC kit, and more. Details in the blog and thread below https://t.co/x7a7taTtSy
Every hurricane and natural disaster is an opportunity to be thankful for the utility industry and our industrial operations workers. Preparation and response efforts in the electric industry as an example are top notch and truly a community wide task.
Seeing lots of hysteria around recent vulnerabilities potentially impacting ICS. “OMG code exec on the device!”…but the default user/pass is admin/admin and isn’t easily changeable by customers
New @CISAgov & @FBI alert on Chinese cyber targeting pipelines. Notable line: “CISA and FBI assess that these intrusions were likely intended to gain strategic access to the ICS networks for future operations rather than for intellectual property theft.” https://t.co/a29Vs2yiYa
The Second Annual Binary Golf Grand Prix starts tomorrow, and I finally put all of last year's entries into a git repo! Will be tracking all future entries here. Check it out: https://t.co/gg2f43mhFZ
Remy developed a method to reliably fingerprint and identify GreyNoise nodes and reported it to us. We offered to pay him a reward. He insisted we donate his reward to charity instead.
So we did, and then we matched it.
Remy is an absolutely stand-up human.