On September 12th the Cyber Senate will be hosting the European Rail Cyber Security Working Group in a roundtable format with discussion groups in the morning and outcomes presented in the afternoon. Capped at 70 participants, this face to face knowledge sharing exercise is specifically designed to assist all stakeholders in the rail ecosystem with an opportunity to assess their security posture, and collaborate with their industry counterparts.
Already confirmed table leaders include the Rail Delivery Group, Deutsche Bahn, and the ERTMS Users Group. More announcements will be made shortly.
The Cyber Senate are pleased to announce the IAEA will be joining us as Key Note presenters on the Industrial Control Cyber Security Nuclear conference we will be hosting in Warrington UK, May 24-25th 2016.
For further information see www.industrialcontrolsecuritynuclear.com
According to Symantec, “A new information stealer, Trojan.Laziok, acts as a reconnaissance tool allowing attackers to gather information and tailor their attack methods for each compromised computer.”
More information can be found on Symantecs blog and we highly suggested familiarising your firm with this latest threat as although it is focused on the Middle East, it started as a “Multi staged attack campaign against energy companies around the world.”
“The Energy Sector led all others again in 2014 with the most reported incidents” Please find the report here https://ics-cert.us-cert.gov/sites/default/files/Monitors/ICS-CERT_Monitor_Sep2014-Feb2015.pdf
“Of the total number of incidents reported to ICS-CERT, roughly 55 percent involved advanced persistent threats (APT) or sophisticated actors. Other actor types included hacktivists, insider threats, and criminals. In many cases, the threat actors were unknown due to a lack of attributional data.”
Those involved in the security sector however are quoting numbers for higher than this, as many incidents go unreported.
The Cyber Senate are pleased to announce Mr Marty Edwards, Director ICS CERT, Department of Homeland Security will be joining us as the Key Note speaker on October 13th and 14th in Sacramento California for the 2nd annual Industrial Control Cyber Security USA conference.
Assistant Deputy Director, National Cybersecurity and Communications Integration Center (NCCIC) Director, Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Department of Homeland Security Marty Edwards is the Director of the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), an operational division of the department’s National Cybersecurity and Communications Integration Center (NCCIC) and the DHS Office of Cybersecurity and Communications (CS&C) ICS-CERT works to reduce industrial control system risks within and across all critical infrastructure and key resource sectors by coordinating efforts among federal, state, local and tribal governments, as well as industrial control systems owners, operators and vendors. In collaboration with the other NCCIC components the ICS-CERT responds to and analyzes control systems related incidents, conducts vulnerability and malware analysis, and shares and coordinates vulnerability information and threat analysis through products and alerts.
Mr. Edwards has over 20 years of experience and brings a strong industrial control system industry focus to DHS. Before coming to the ICS-CERT, Mr. Edwards was a program manager focused on control systems security work at Idaho National Laboratory. Prior to his work at the laboratory, Mr. Edwards held a wide variety of roles in the instrumentation and automation fields, including field service, instrument engineering, control systems engineering and project management. Mr. Edwards has also held various positions in nonprofit organizations, including Chairman of the Board for one of the automation communities’ largest user group conferences. Mr. Edwards holds a diploma of technology in Process Control and Industrial Automation (Magna cum Laude) from the British Columbia Institute of Technology.
According to Skynews, “some 140 million people were left without electricity after a transmission line was attacked, knocking out the national grid.”
Power has been restored to much of Pakistan after more than 140 million people were plunged into darkness due to an apparent rebel attack on a key power line.
Up to 80% of the country’s population lost electricity in the early hours of Sunday and disruption was reported at Lahore’s international airport, but flights were not affected.
“In GCHQ we continue to see real threats to the UK on a daily basis, and I’m afraid the scale and rate of these attacks shows little sign of abating.”
We launched our CBTC conference for Engineering Directors in 2014, having noticed and appreciated the vision these leaders possessed in relation to upgrading legacy systems, outdated rolling stock and replacing control systems communication. What really caught my attention, is like Smart Grids, in the name of efficiency ( and in this case increasing capacity infrastructure for growing populations) the communications systems being utilised to create the new efficient control systems from track to train are wireless. The rail sector globally are upgrading their assets with two way embedded communications infrastructure that is vulnerable to all of the attacks we read about daily in other industries.
Whilst this is not a cyber security event, it represents the core of the cybersecurity discussion in that, these are the leaders of implementation connecting and facilitating the design of our transport sector, and the vendors are.. well the same ones providing SCADA and Wireless networks all over the world for industrial control systems.
If Transport Cybersecurity is of interest to you, you wont want to miss this conversation. And again, this is an implementation and engineering driven CBTC conference, we are not discussing security. And that is why, you as a cyber professional need to be here.
By Raj Samani , Jim Walter on Jul 02, 2014
Reblogged with permission orginal article here http://blogs.mcafee.com/mcafee-labs/operation-dragonfly-imperils-industrial-protocol
Recent headlines (here and here) may have struck fear into those living near major energy installations due to references about the Stuxnet malware. In 2009, this particular strain of malware caused significant damage to the Nantanz nuclear facility, reportedly destroying a fifth of Iran’s nuclear centrifuges. Recent reports about Operation Dragonfly, however, appear to be focused on espionage (at least for now), and the scope of the attack appears to be considerably broader than that of Stuxnet. Read more