Industrial Defender - Cyber Security Intelligence for Critical Infrastructure/SCADA

2008.09.02 - Industry News - FBI Reaches Out to SCADA Users

Thu, 4 Sep 2008 12:20:40 -0400

Wes Iversen,,
Automation Times,
02 September 2008

FBI Reaches Out to SCADA Users

If a cyber security incident occurs at your plant, the Federal Bureau of Investigation would like to hear from you.

If a serious cyber security incident occurred in your plant, would you call in the FBI to investigate?

The Bureau certainly hopes that you would. To encourage such actions, the FBI is taking steps not only to strengthen its agents’ understanding of control system technology, but also to build stronger bridges to the control systems community.

2008.08.26 - Industry News - Public, private sectors at odds over cyber security

Wed, 27 Aug 2008 10:30:34 -0400

Joseph Menn,
Las Angeles Times,
26 August 2008

Public, private sectors at odds over cyber security

Three very big and very different computer security breaches that have dominated recent headlines did more than show how badly the Internet needs major repairs. They also exposed the huge rift between corporate America and the federal government over who should fix it, cyber-security experts say.

2008.08.26 - Incidents - FAA computer glitch causes nationwide flight delays

Wed, 27 Aug 2008 10:30:32 -0400

Harry R. Weber,,
USA Today,
26 August 2008

FAA computer glitch causes nationwide flight delays

ATLANTA - The Federal Aviation Administration said Tuesday that a communication failure at a Georgia facility that processes flight plans for the eastern half of the U.S. was causing flight delays around the country.

2008.08.26 - Industry News - Utilities are Taking Cyber Security Seriously

Tue, 26 Aug 2008 15:28:50 -0400

Chris Posey ,
Power Engineering,
26 August 2008

Utilities are Taking Cyber Security Seriously

The North American Electric Reliability Council (NERC), having recognized potential threats to the energy infrastructure both virtual and material, established the critical infrastructure protection (CIP) program to address issues of online and network security within the power generation industry, as well as physical/structural challenges common to the industry.

2008.08.26 - Industry News - Minister warns of national grid hack threat

Tue, 26 Aug 2008 15:27:35 -0400

John Leyden ,
The Register,
26 August 2008

Minister warns of national grid hack threat

A UK government minister has warned that cyber-terrorists were attempting to take out the national grid.

2008.08.23 - Industry News - Thousands of cyber attacks each day on key utilities

Mon, 25 Aug 2008 13:06:56 -0400

Jonathan Richards ,
Times Online,
23 August 2008

Thousands of cyber attacks each day on key utilities

Computer networks controlling electricity supplies, telecommunications and banking are being attacked thousands of times a day in a new cyberwar against Britain waged by criminals and terrorists - some of them backed by foreign states - the Government has said.

2008.08.21 - Industry News - General: Cyber, arctic threats await president

Thu, 21 Aug 2008 15:36:41 -0400

John T. Bennett,
Air Force Times,
21 August 2008

General: Cyber, arctic threats await president

The next U.S. president will inherit ever-growing threats in cyberspace and the Arctic region, meaning the new commander-in-chief likely will be forced to craft an unprecedented collection of new security policies, a top military official said.

2008.08.21 - Industry News - Brits blast TCP/IP security

Thu, 21 Aug 2008 15:36:39 -0400

Shaun Nichols,
VNUNET.com,
21 August 2008

Brits blast TCP/IP security

A report from a top UK government defence body is calling into question the security of the basic internet protocol.

2008.08.20 - Incidents - FEMA phones hacked; calls made to Mideast, Asia

Thu, 21 Aug 2008 15:35:17 -0400

Eileen Sullivan,
MSNBC,
20 August 2008

FEMA phones hacked; calls made to Mideast, Asia

WASHINGTON - A hacker broke into a Homeland Security Department telephone system over the weekend and racked up about $12,000 in calls to the Middle East and Asia.

2008.08.18 - Industry News - U.S. at risk of cyberattacks, experts say

Mon, 18 Aug 2008 11:21:19 -0400

Brandon Griggs,
CNN,
18 August 2008

U.S. at risk of cyberattacks, experts say

(CNN) -- The next large-scale military or terrorist attack on the United States, if and when it happens, may not involve airplanes or bombs or even intruders breaching American borders.

2008.08.15 - Industry News - Energy told to tighten cybersecurity policies

Mon, 18 Aug 2008 17:34:01 -0400

Nextgov,
15 August 2008

Energy told to tighten cybersecurity policies

The Energy Department's inspector general on Thursday released an audit of the department's certification and accreditation procedures for national security information systems that revealed a number of potentially serious weaknesses.

2008.08.15 - Industry News - Court tells students to disclose hacker secrets in T case

Fri, 15 Aug 2008 12:19:50 -0400

Maddie Hanna,
The Boston Globe,
15 August 2008

Court tells students to disclose hacker secrets in T case

A federal judge yesterday refused to lift an order prohibiting three MIT students from publicly talking about how they allegedly hacked into the MBTA's automated ticketing system. However, he did order the trio to privately provide more information to the court about the security flaws they say they have uncovered.

2008.08.13 - Industry News - Before the Gunfire, Cyberattacks

Thu, 14 Aug 2008 10:46:25 -0400

John Markoff,
The New York Times,
13 August 2008

Before the Gunfire, Cyberattacks

Weeks before bombs started falling on Georgia, a security researcher in suburban Massachusetts was watching an attack against the country in cyberspace.

2008.08.12 - Industry News - U.S. power grid in better shape 5 years after blackout

Thu, 14 Aug 2008 10:45:06 -0400

Paul Davidson,
USA Today,
12 August 2008

U.S. power grid in better shape 5 years after blackout

Five years after the worst blackout in U.S. history, the nation's electrical system is far better equipped to prevent another big outage, but significant shortcomings remain, federal officials, grid operators and consultants agree.

2008.08.12 - Industry News - Air Force suspends Cyber Command program

Thu, 14 Aug 2008 10:05:46 -0400

Nextgov,
12 August 2008

Air Force suspends Cyber Command program

The Air Force on Monday suspended all efforts related to development of a program to become the dominant service in cyberspace, according to knowledgeable sources. Top Air Force officials put a halt to all activities related to the establishment of the Cyber Command, a provisional unit that is currently part of the 8th Air Force at Barksdale Air Force Base in Louisiana, sources told Nextgov.

2008.08.12 - Industry News - Estonia, Poland help Georgia fight cyberattacks

Tue, 12 Aug 2008 14:59:00 -0400

Jeremy Kirk,
Computer World,
12 August 2008

Estonia, Poland help Georgia fight cyberattacks

In an intriguing cyberalliance, two Estonian computer experts are scheduled to arrive in Georgia by evening to keep the country's networks running amid an intense military confrontation with Russia.

2008.08.11 - Industry News - MIT Students Ordered to Halt Report on Hacking Subway System

Tue, 12 Aug 2008 09:51:54 -0400

Associated Press,
The Wall Street Journal,
11 August 2008

MIT Students Ordered to Halt Report on Hacking Subway System

LAS VEGAS -- A federal judge ordered three college students to cancel a Sunday presentation at a computer hackers' conference where they planned to show security flaws in the automated fare system used by the Boston area's subway system.

2008.08.11 - Industry News - Cyberattacks knock out Georgia's Internet presence

Mon, 11 Aug 2008 09:50:01 -0400

Gregg Keizer
Computer World,
11 August 2008

Cyberattacks knock out Georgia's Internet presence

Hackers, perhaps affiliated with a well-known Russian criminal network, have attacked and hijacked Web sites belonging to Georgia, the former Soviet republic now in the fourth day of war with Russia, a security researcher claimed on Sunday. Some Georgian government and commercial sites are unavailable,

2008.06.26 - Incidents - Hacker illegally activates Brunswick emergency sirens

Fri, 8 Aug 2008 15:43:58 -0400

Terry Oblander,
Cleveland.com,
07 August 2008

Hacker illegally activates Brunswick emergency sirens

Brunswick -- A hacker armed with radio codes set off emergency sirens in Brunswick early Wednesday. If the blasts didn't wake the city's 35,000 residents, follow-up phone calls to residences probably did the trick.

2008.08.08 - Industry News - Hackers' attacks on U.S. government systems are frequent, serious

Fri, 8 Aug 2008 15:42:57 -0400

HS Daily Wire,
08 August 2008

Hackers' attacks on U.S. government systems are frequent, serious

U.S. government computer systems under frequent and serious attacks by other governments and organizations; James Finch, assistant director of the FBI's cybercrime division: "We're not worried so much about the noisy attacks as we are about the quiet ones"

2008.08.08 - Industry News - DHS: Networking security worth the money

Fri, 8 Aug 2008 15:41:20 -0400

Robert McMillan,
Computer World,
08 August 2008

DHS: Networking security worth the money

When it comes to investing in computer security, the U.S. federal government could get a good return on investment by shoring up its networking protocols, according to the man who's been hired to coordinate computer security between federal agencies.

2008.07.29 - Industry News - Cyber losses cost companies $637,000 a year: study

Wed, 30 Jul 2008 16:32:29 -0400

John T. Bennett,
The Canadian Press,
29 July 2008

Cyber losses cost companies $637,000 a year: study

TORONTO - Information technology security breaches cost the average publicly traded Canadian company $637,000 a year, says a new study by the University of Toronto's business school.

2008.07.29 - Industry News - House intel panel ‘conditionally supports’ cyber effort

Wed, 30 Jul 2008 16:25:01 -0400

John T. Bennett,
C4ISR Journal,
29 July 2008

House intel panel ‘conditionally supports’ cyber effort

A powerful House panel has given its 'conditional support' to President Bush’s new unprecedented cyber security initiative, despite its concerns about cost and government-industry collaboration.

2008.07.28 - Industry News - Frankly Speaking: Any single point of failure in IT is a big problem

Mon, 28 Jul 2008 14:01:49 -0400

Frank Hayes,
Computer World,
28 July 2008

Frankly Speaking: Any single point of failure in IT is a big problem

Single point of failure. That's the right term for talking about the mess in San Francisco, where last week the city government finally regained control of its backbone network. Terry Childs, the net admin jailed for locking down administrative access, turned over the passwords during a secret visit from Mayor Gavin Newsom.

2008.07.23 - Industry News - Internal security threats multiply

Thu, 24 Jul 2008 14:41:40 -0400

William Jackson,
Government Computer News,
23 July 2008

Internal security threats multiply

An evaluation of more than 100,000 endpoint devices at private-sector enterprises showed that significant numbers were missing essential software such as antivirus or security patches and were using unauthorized applications such as file sharing and remote control software.

2008.07.21 - Industry News - Cybersecurity Will Take A Big Bite of the Budget

Mon, 21 Jul 2008 15:07:41 -0400

Walter Pincus,
WashingtonPost.com,
21 July 2008

Cybersecurity Will Take A Big Bite of the Budget

President Bush's single largest request for funds and "most important initiative" in the fiscal 2009 intelligence budget is for the Comprehensive National Cybersecurity Initiative, a little publicized but massive program whose details "remain vague and thus open to question," according to the House Permanent Select Committee on Intelligence.

2008.07.17 - Industry News - Electrical infrastructure faces crisis, experts say

Mon, 21 Jul 2008 09:46:52 -0400

Edward Marshall,
The Journal,
17 July 2008

Electrical infrastructure faces crisis, experts say

SHEPHERDSTOWN - Experts said this week that the infrastructure that provides electricity to homes and businesses throughout the country is nearing the breaking point because of increased energy demands - and it remains vulnerable to cyber and terrorist attacks.

2008.07.15 - Industry News - NERC CEO announces plan to improve response to cyber security and CIP

Thu, 17 Jul 2008 09:51:16 -0400

Utility Automation & Engineering T&D and Electric Light & Power,
15 July 2008

NERC CEO announces plan to improve response to cyber security and CIP

Princeton, NJ, July 15, 2008 -- Rick Sergel, president and CEO of the North American Electric Reliability Corporation (NERC), recently announced the organization's plans to improve its response to cyber security and critical infrastructure protection (CIP) concerns for the bulk power system in North America. Revealed to NERC's board of trustees and stakeholders in a letter last week, the plan outlines six specific actions that will lay the foundation for improving grid reliability by enabling faster and more effective action to protect critical assets from cyber or physical threats.

2008.07.14 - Industry News - S.F. officials locked out of computer network

Wed, 16 Jul 2008 10:07:33 -0400

Jaxon Van Derbeken,
SFGate.com,
14 July 2008

S.F. officials locked out of computer network

A disgruntled city computer engineer has virtually commandeered San Francisco's new multimilliondollar computer network, altering it to deny access to top administrators even as he sits in jail on $5 million bail, authorities said Monday.

2008.07.14 - Industry News - Unpatched Windows PCs fall to hackers in under 5 minutes, says ISC

Wed, 16 Jul 2008 10:05:27 -0400

Gregg Keizer,
Computerworld,
14 July 2008

Unpatched Windows PCs fall to hackers in under 5 minutes, says ISC

July 14, 2008 (Computerworld) It takes less than five minutes for hackers to find and compromise an unpatched Windows PC after it's connected to the Internet, a security researcher said today.

The SANS Institute's Internet Storm Center (ISC) currently estimates the "survival" time of an Internetconnected computer running Windows at around four minutes if it's not equipped with the latest Microsoft Corp. security patches, said Lorna Hutcheson, a researcher and analyst, in a post to the ISC blog.

2008.06.26 - Industry News - Grid agency issues advisories after Feb. blackout

Mon, 30 Jun 2008 09:48:53 -0400

Reuters,
26 June 2008

Grid agency issues advisories after Feb. blackout

HOUSTON, June 26 (Reuters) - The North American electric grid watchdog issued three advisories on Thursday to urge utilities to take steps to avoid a repeat of events that ballooned into a four-hour blackout in Florida in February.

2008.06.26 - Incidents - Computer stops city, and that's the fifth time

Fri, 27 Jun 2008 16:48:16 -0400

Linton Besser and Alexandra Smith,
Sydney Morning Herald,
26 JUNE 2008

Computer stops city, and that's the fifth time

A COMPUTER failure in the M5 East tunnel yesterday left tens of thousands of motorists trapped in a traffic snarl that locked up Sydney - the fifth time such a malfunction has shut the vital artery.

2008.06.26 - Industry News - Committees approve more money for cybersecurity

Fri, 27 Jun 2008 16:48:18 -0400

Ben Bain,
FCW.com,
26 June 2008

Committees approve more money for cybersecurity

The House and Senate Appropriations committees have approved different measures to fund the Homeland Security Department in fiscal 2009, and each would provide more money for cybersecurity than the Bush administration requested.

2008.06.13 - Industry News - Disgruntled admin gets 63 months for massive data deletion

Mon, 16 Jun 2008 10:04:59 -0400

Dan Goodin,
The Register,
13 June 2008

Disgruntled admin gets 63 months for massive data deletion

An IT manager who sought revenge for an unfavorable job evaluation was sentenced to more than five years in federal prison after being convicted of intentionally triggering a massive data collapse on his former employer's computer network.

2008.06.12 - Industry News - EU States Extend Life of Internet Security Body

Fri, 13 Jun 2008 14:21:26 -0400

Reuters,
12 June 2008

EU States Extend Life of Internet Security Body

Telecom ministers agree to extend the life of the European Network and Information Security Agency by three years as threats to the Web increase.

LUXEMBOURG (Reuters) - European Union telecoms ministers agreed on Thursday to extend the life of the bloc's Internet security watchdog by three years as threats to the Web increase.

2008.06.11 - Industry News - New York nuclear plant shutdown triggered by digital camera

Fri, 13 Jun 2008 14:21:24 -0400

Newsday,
11 June 2008

New York nuclear plant shutdown triggered by digital camera

BUCHANAN, N.Y. (AP) _ An emergency shutdown of a reactor at the Indian Point nuclear power plant was caused by signals from a worker's digital camera, a newspaper reported Wednesday.

2008.06.11 - Industry News - Chinese hacking threatens U.S. critical infrastructure

Wed, 11 Jun 2008 11:00:01 -0400

Business Wire,
11 June 2008

Core Security Technologies Discovers Critical Vulnerability in SCADA Software from Citect

BOSTON--(BUSINESS WIRE)--Core Security Technologies, makers of CORE IMPACT, the world’s most comprehensive enterprise security assurance testing software, today issued an advisory disclosing a vulnerability that could severely impact organizations relying on Citect’s flagship industrial process control software, CitectSCADA. This discovery indicates that thousands of companies using Citect’s SCADA systems could unknowingly be exposing critical industrial processes and assets that they otherwise sought to protect if they do not immediately move to apply the vendor-provided patch, or other suggested workarounds for the vulnerability issued by the software maker.

2008.06.05 - Incidents - Cyber Incident Blamed for Nuclear Power Plant Shutdown

Thu, 5 Jun 2008 15:26:58 -0400

Brian Krebs,
Washington Post,
05 JUNE 2008

Cyber Incident Blamed for Nuclear Power Plant Shutdown

A nuclear power plant in Georgia was recently forced into an emergency shutdown for 48 hours after a software update was installed on a single computer.

2008.06.02 - Industry News - Chinese hacking threatens U.S. critical infrastructure

Wed, 4 Jun 2008 18:03:28 -0400

Homeland Security Daily Wire,
02 June 2008

Chinese hacking threatens U.S. critical infrastructure

U.S. government networks, and the computer systems of U.S. and Western European companies, are under broad and systemic Chinese hacking campaign; in the case of private Western companies, China steals industrial secrets and patent information in order to hasten its rise to a position of global economic hegemony; in the case of U.S. critical infrastructure -- for example, control of electric power stations, several of which Chinese hackers have managed to disable -- China may be preparing for more sinister contingencies.

2008.05.30 - Company News - Industrial Defender Continues to Enable Process Control and SCADA Cyber Security

Fri, 30 May 2008 09:25:12 -0400

Press Release,
Industrial Defender, Inc. ,
30 May 2008
FOXBOROUGH, Mass., May 30, 2008 - Industrial Defender, Inc., the global leader in Cyber Risk Protection(TM) , today announced that its Industrial Defender Enabled Partner Program is experiencing increased global traction, signing industry-leading partners Bow Networks, GarrettCom Inc., Innominate Security Technologies AG, and Teltone Corporation. The Industrial Defender Enabled Partner Program allows technology providers focused on the industrial control systems and SCADA market to collaborate on enhancing their technology offerings, providing end customers with comprehensive integrated cyber security solutions.

2008.05.30 - Industry News - Cybercrime keeps Canadians on their toes

Fri, 30 May 2008 09:23:31 -0400

Tom Keenan,
Business Edge
30 May 2008

Cybercrime keeps Canadians on their toes

Just-released studies show that Canadians are more likely to be victims of cybercrime than street violence, and that we're bigger software pirates than our American cousins.

2008.05.29 - Industry News - Chinese hackers pose serious danger to U.S. computer networks

Fri, 30 May 2008 12:25:56 -0400

Shane Harris,
GovernmentExecutive.com,
29 May 2008

Chinese hackers pose serious danger to U.S. computer networks

Computer hackers in China, including those working on behalf of the Chinese government and military, have penetrated deeply into the information systems of U.S. companies and government agencies, stolen proprietary information from American executives in advance of their business meetings in China, and, in a few cases, gained access to electric power plants in the United States, possibly triggering two recent and widespread blackouts in Florida and the Northeast, according to U.S. government officials and computer-security experts.

2008.05.23 - Industry News - Physical device recognition to the rescue

Tue, 27 May 2008 09:54:53 -0400

Wilson P. Dizard III,
Government Computer News,
23 May 2008

Physical device recognition to the rescue

Hardware fingerprinting technology migrates from fighting software piracy to shielding infrastructure

2008.05.21 - Industry News - Experts warn of cyberterrorism threat

Thu, 22 May 2008 10:02:20 -0400

Julia Zappei,
Associated Press,
21 May 2008

Experts warn of cyberterrorism threat

KUALA LUMPUR, Malaysia (AP) — Officials from around the world agree they must cooperate better to fight the threat of cyberterrorism at facilities such as nuclear power plants.

2008.05.19 - Industry News - Cost of cybersecurity initiative to triple, panel reports

Tue, 20 May 2008 09:40:53 -0400

Bob Brewin,
Nextgov,
19 May 2008

Cost of cybersecurity initiative to triple, panel reports

The Bush administration’s proposal to defend government networks against cyberattacks will cost $17 billion, nearly three times original estimates, and is so secret that it cuts the public out of the debate on the program, according to a Senate report.

2008.05.19 - Industry News - ELECTRICITY: Cybersecurity standards under review

Mon, 19 May 2008 17:38:36 -0400

Katherine Ling,
Environment & Energy Daily,
19 May 2008

ELECTRICITY: Cybersecurity standards under review

A House Homeland Security subcommittee will receive an update this week on new security measures to protect the nation's bulk power system from cyber attacks.

2008.05.19 - Industry News - More Transparency Needed in Cybersecurity Initiative

Mon, 19 May 2008 13:49:19 -0400

Phil Leggiere,
HS Today,
19 May 2008

More Transparency Needed in Cybersecurity Initiative

Senate committee report cites problems with excessive secrecy and lack of mission goal specificity in cybersecurity initiative.

With much fanfare Michael Chertoff in a widely noted speech to the top tier of security professionals attending the RSA security conference last month announced an ambitious Department of Homeland Security (DHS) initiative called the National Cybersecurity Center to secure federal government networks and critical information systems from attacks and intrusions. DHS’s center is to be a core component of the larger government wide National Cybersecurity Initiative announced by the Bush administration, which prominently includes, in addition to DHS, the National Security Agency (NSA).

2008.05.14 - Industry News - NATO allies sign agreement on cyber defense center

Wed, 14 May 2008 17:14:08 -0400

The Associated Press,
14 May 2008

NATO allies sign agreement on cyber defense center
BRUSSELS, Belgium: Seven NATO allies signed a deal Wednesday to fund a research center to boost the alliance's defenses against cyber attacks, seen as a growing threat to military and civilian computer networks.

2008.05.08 - Industry News - Hundreds of U.K. critical infrastructure facilities at flood risk

Fri, 9 May 2008 10:29:41 -0400

Homeland Security Daily Wire,
08 May 2008

Hundreds of U.K. critical infrastructure facilities at flood risk
A study triggered by last summer’s deadly U.K. floods concludes that hundreds of U.K. power substations and water treatment plants are at risk from flooding, thus compounding and exacerbating the consequences of natural disasters.

2008.05.08 - Industry News - Rare SCADA bug poses power plant risk

Fri, 9 May 2008 10:27:08 -0400

John Leyden,
The Register,
08 May 2008

Rare SCADA bug poses power plant risk
Security watchers warn of a rare vulnerability involving software used to control industrial systems. A denial of service vulnerability in monitoring software from Invensys poses a severe risk to the factories and utilities running its Wonderware subsidiary's InTouch SuiteLink application.

2008.05.08 - Industry News - Hundreds of U.K. critical infrastructure facilities at flood risk

Fri, 9 May 2008 10:20:50 -0400

2008.05.05 - Industry News -Defense, intelligence could take major role in cyber defense

Tue, 6 May 2008 11:16:06 -0400

Bob Brewin ,
nextgov.com,
05 May 2008

Defense, intelligence could take major role in cyber defense
The Bush administration this week could release its ambitious plan to defend government networks from cyberattacks, but recent news reports and a February 2008 budget supplement indicates that the Defense Department and intelligence agencies could lead the effort.

2008.05.05 - Industry News -DHS cybersecurity strategy draws fire

Tue, 6 May 2008 11:16:05 -0400

Alice Lipowicz,
FCW.com,
05 May 2008

DHS cybersecurity strategy draws fire
The Homeland Security Department’s ambitious cybersecurity initiative might be relying too much on contractors and might not be providing enough information to the public, according to two key senators.

2008.05.02 - Industry News -Lieberman and Collins Step Up Scrutiny of Cyber Security Initiative

Tue, 6 May 2008 10:18:47 -0400

Press Release,
Senate Committee on Homeland Security and Governmental Affairs,
02 May 2008

Lieberman and Collins Step Up Scrutiny of Cyber Security Initiative
Secrecy, Overuse of Contractors, Role of Private Sector at Stake
WASHINGTON - Homeland Security and Governmental Affairs Committee Chairman Joe Lieberman, ID-Conn., and Ranking Member Susan Collins, R-Me., are seeking detailed explanations from the Department of Homeland Security regarding a new initiative to secure federal information technology systems.

2008.04.30 - Industry News -The Art of Cyber Warfare, Part 2: Digital Defense

Thu, 1 May 2008 16:55:18 -0400

Jack Germain,
E-Commerce Times,
30 April 2008

The Art of Cyber Warfare, Part 2: Digital Defense
Cyber warfare is a sort of irregular warfare, a strategy usually employed by underdogs fighting a stronger enemy. Cyber attack tactics, however, are sometimes backed by strong forces. To defend against such an attack, exercises like Cyber Storm involve wide stretches of both public and private sectors of American infrastructure.

2008.04.29 - Industry News -The Art of Cyber Warfare, Part 1: The Digital Battlefield

Thu, 1 May 2008 16:51:48 -0400

Jack Germain,
E-Commerce Times,
29 April 2008

The Art of Cyber Warfare, Part 1: The Digital Battlefield
Computer network attacks are often perpetrated by gangs of criminal hackers attempting to break into a system for financial gain. However, cyber attacks for political purposes could just as easily be -- and sometimes are -- perpetrated. A country's national security could be severely threatened should a team of hackers successfully crack certain computer systems.

2008.04.28 - Industry News -Homeland security's cyber eyes

Thu, 1 May 2008 16:47:58 -0400

Alan Joch,
FCW,
28 April 2008

Homeland security's cyber eyes
Security experts roll out new techniques to try to keep up with today’s stealthy, transnational cyberattacks

When it comes to hacking and cyber espionage, few targets are as popular as the U.S. government. According to the U.S. Computer Emergency Readiness Team, federal agencies reported 12,986 cyberattacks in 2007 compared with 3,569 two years earlier.

2008.04.28 - Industry News -Cybersecurity’s new world order

Thu, 1 May 2008 16:44:08 -0400

Ben Bain,
FCW,
28 April 2008

Cybersecurity’s new world order
A year after massive cyberattacks virtually shut down Internet operations in Estonia, government officials here and abroad are still learning to adapt to a world in which technology, diplomacy and defense converge.

2008.04.28 - Industry News -Experts struggle with cybersecurity agenda

Thu, 1 May 2008 16:42:52 -0400

William Jackson,
Government Computer News,
28 April 2008

Experts struggle with cybersecurity agenda
Whoever becomes our next president will inherit a cyber infrastructure under almost constant attack and at greater risk than eight years ago, and a handful of experts and legislators have come together to ensure that cybersecurity has a high priority in his or her administration.

2008.04.25 - Industry News -DHS moves to ramp up cybersecurity in federal agencies

Tue, 29 Apr 2008 09:52:18 -0400

Chris Strohm,
GovernmentExecutive.com,
25 April 2008

DHS moves to ramp up cybersecurity in federal agencies
The Homeland Security Department plans to complete an analysis in about 45 days to determine which U.S. government computer networks are most vulnerable to cyberattacks, with the intention of deploying 50 new intrusion detection systems to federal agencies by the end of the year, a top U.S. cybersecurity official said Friday.

2008.04.25 - Industry News -Cyber-Attacks and Cyber-Disasters: Are You Prepared?

Fri, 25 Apr 2008 10:30:07 -0400

Kevin Coleman,
TechNewsWorld,
25 April 2008

Cyber-Attacks and Cyber-Disasters: Are You Prepared?
In 2007, a denial-of-service attack was launched every 53 minutes. Earlier this year, the loss of an undersea cable resulted to the loss of Internet service for entire regions. Businesses that rely to any measure on the Web must secure their businesses against the possibility of large-scale cyber-attacks and disasters, writes strategic management consultant Kevin Coleman.

2008.04.24 - Industry News -Critical infrastructure central to cyber threat

Fri, 25 Apr 2008 10:28:31 -0400

Ben Bain ,
FCW.com,
24 April 2008

Critical infrastructure central to cyber threat
The United States is increasingly vulnerable to cyberattacks that could have catastrophic effects on critical physical infrastructure, and severely damage the country’s economic, military and strategic interests, cybersecurity specialists said today.

2008.04.17 - Industry News -Beware the insider security threat

Thu, 17 Apr 2008 14:32:57 -0400

Andy McCue,
Silicon.com,
17 April 2008

Beware the insider security threat
Employees and insiders are bigger threats to corporate security than external threats such as denial of service attacks or malware.

2008.04.17 - Industry News -S'pore pledges US$52M against cyber threats

Thu, 17 Apr 2008 14:31:49 -0400

Vivian Yeo ,
ZDNet Asia,
17 April 2008

S'pore pledges US$52M against cyber threats

SINGAPORE--The government today announced it will pump S$70 million (US$51.6 million) over the next five years to boost its cyber defenses and guard against emerging threats.

2008.04.17 - Industry News -Security experts split on "cyberterrorism" threat

Thu, 17 Apr 2008 14:30:36 -0400

Mark Trevelyan,
Reuters,
17 April 2008

Security experts split on "cyberterrorism" threat

LONDON (Reuters) - International experts called on Wednesday for greater cooperation to fight threats to computer networks but they differed on the definition of cyberterrorism, with a top British security official describing it as a "myth".

2008.04.16 - Industry News -IG: DHS need cyber security coordination office

Thu, 17 Apr 2008 14:29:07 -0400

Alice Lipowicz ,
FCW.com,
16 April 2008

IG: DHS need cyber security coordination office

The Homeland Security Department is moving too slowly to protect its most critical internal computer systems, according to a new from the department’s inspector general, Richard Skinner.

2008.04.16 - Company News - Frost & Sullivan Acknowledges Industrial Defender as Market Leader in Critical Infrastructure Cyber Security Protection

Thu, 17 Apr 2008 14:28:24 -0400

Press Release,
Frost & Sullivan ,
16 April 2008
Palo Alto, Calif. - April 16, 2008 - Based on its recent analysis of the cyber risk management solutions market for process control & SCADA environment, Frost & Sullivan presents Industrial Defender Inc. with the 2008 Global Frost & Sullivan Company of the Year Award.

2008.04.16 - Company News - Frost & Sullivan Acknowledges Industrial Defender as Market Leader in Critical Infrastructure Cyber Security Protection

Wed, 16 Apr 2008 10:02:37 -0400

Press Release,
Industrial Defender, Inc. ,
16 April 2008
FOXBOROUGH, Mass., April. 16, 2008 - Industrial Defender, Inc., the global leader in Cyber Risk Protection(TM), today announced that it is the recipient of the 2008 Global Risk Management Process Control & SCADA Company of the Year Award by Frost & Sullivan, a leading global growth consulting company.

2008.04.10 - Industry News -Bush's Cyber Secrets Dilemma

Fri, 11 Apr 2008 14:30:27 -0400

Andy Greenberg,
Forbes,
10 April 2008

Bush's Cyber Secrets Dilemma

SAN FRANCISCO, CALIF. - There's a problem facing the Bush administration: It has $30 billion to spend over the next five to seven years to keep the U.S. safe from hackers and cyberspies. But to extend that protection to the nation's critical infrastructure--including banks, telecommunications and transportation--it needs the cooperation of the private sector.

2008.04.09 - Industry News -DHS Chief Says Current Defenses 'Insufficient' to Handle Evolving Threats

Fri, 11 Apr 2008 14:30:26 -0400

Tim Wilson,
Dark Reading,
09 April 2008

DHS Chief Says Current Defenses 'Insufficient' to Handle Evolving Threats

SAN FRANCISCO -- RSA Conference 2008 -- Michael Chertoff, secretary of the U.S. Department of Homeland Security, is a long way from feeling secure.

In a keynote address and press conference yesterday here, Chertoff discussed the threats faced by government and business, the progress of federal cyber security efforts, and the state of current security technology. And he believes a lot more work needs to be done on all of those fronts.

2008.04.09 - Industry News -Water, water, everywhere under attack

Fri, 11 Apr 2008 14:30:21 -0400

Alice Lipowicz,
Washington Technology,
09 April 2008

Water, water, everywhere under attack

Water utilities should begin work immediately to secure their systems against catastrophic cyberattack, according to a new strategy document sponsored by the American Water Works Association and Homeland Security Department.

2008.04.09 - Industry News -Experts hack power grid in no time

Fri, 11 Apr 2008 14:30:07 -0400

Tim Greene,
Network World ,
09 April 2008

Experts hack power grid in no time

SAN FRANCISCO -- Cracking a power company network and gaining access that could shut down the grid is simple, a security expert told an RSA audience, and he has done so in less than a day.

2008.04.09 - Industry News -Air Force pushing ahead on cyberspace

Fri, 11 Apr 2008 14:29:55 -0400

Ben Bain ,
FCW.com
09 April 2008

Air Force pushing ahead on cyberspace

The Air Force is finalizing a doctrine that will guide its operations in cyberspace, a domain in which the service plans to invest $5 billion during coming years as it works to establish its new Cyber Command. .

2008.04.09 - Industry News -Chertoff wants early warning system for infrastructure attacks

Thu, 10 Apr 2008 17:35:44 -0400

Associated Press,
CNN,
09 April 2008

Chertoff wants early warning system for infrastructure attacks

SAN FRANCISCO (AP) -- Federal cybersecurity officials are trying to develop an early warning system that alerts authorities to incoming computer attacks targeting critical U.S. infrastructure, Homeland Security Secretary Michael Chertoff said.

2008.04.08 - Industry News -Breaking into a power station in three easy steps

Wed, 9 Apr 2008 14:32:12 -0400

Elinor Mills,
Cnet News,
08 April 2008

Breaking into a power station in three easy steps

"I will tell (you) how to break into a nuclear reactor," Ira Winkler, president of security firm ISAG said as he launched into his presentation on "How to Take Down the Power Grid" at RSA 2008 on Tuesday night.

"Frankly, it's really easy to break into the power grid," he said. "It happens all the time."

2008.04.04 - Industry News -U.S. reveals plans to hit back at cyberthreats

Mon, 7 Apr 2008 11:22:42 -0400

Tom Espiner,
Cnet News,
04 April 2008

U.S. reveals plans to hit back at cyberthreats

The U.S. Air Force Cyber Command is developing capabilities to inflict denial of service, confidential data loss, data manipulation, and system integrity loss on its adversaries, and to combine these with physical attacks, according to a senior U.S. general.

2008.03.24 - Incidents- Limerick (PA) nuclear power station shut from full power

Tue, 25 Mar 2008 12:12:36 -0400

Reuters,
24 MAR 2008

Exelon Pa. Limerick 1 reactor shut

NEW YORK, March 24 (Reuters) - Exelon Corp's (EXC.N: Quote, Profile, Research) 1,134-megawatt Unit 1 at the Limerick nuclear power station in Pennsylvania shut from full power on March 22, the company said in a release.

The shutdown occurred due to a problem with the main turbine control system on the electrical distribution side of the plant. In the release, the company said operators were making repairs.

2008.03.13 - Industry News - Bush calls for tighter cybersecurity

Mon, 17 Mar 2008 10:22:14 -0400

Richard Wolf,,
USA Today,
13 March 2008

Bush calls for tighter cybersecurity

WASHINGTON - A sudden spike in the number of successful attacks against federal government information systems and databases has led President Bush to propose a multibillion-dollar response.

2008.03.13 - Industry News - Cyberexercise shows need for better training to avoid major network failures

Mon, 17 Mar 2008 09:46:07 -0400

Jill R. Aitoro,
GovernmentExecutive.com,
13 March 2008

Cyberexercise shows need for better training to avoid major network failures

Workers operating networks supporting the nation's critical infrastructure such as telecommunications and transportation need better training on how to manage backup systems in case cyberattacks take down main systems, said a top Homeland Security Department official Thursday.

2008.03.12 - Industry News - Insiders are the greatest threat to companies' security

Wed, 12 Mar 2008 14:29:51 -0400

DHSDailyWire.com,
12 March 2008

Insiders are the greatest threat to companies' security

There is a 72 percent likelihood that the next successful attack on your company will come from an insider, says IBM Tivoli executive

The recent scandal at French bank Société Générale has highlighted, if such highlighting was necessary, how vulnerable companies are to insider threats, speakers said Tuesday at the European Computer Audit Control and Security Conference in Stockholm. "Despite all the press and focus on hacking and viruses, there is a 72 percent likelihood that the next successful attack will come from an insider, according to statistics from ISCSA Labs," said Marne Gordan, GRC market manager at IBM Tivoli. Because such users are already on the inside they can cause a lot of damage, and go undetected for a long time. Reasons for users turning on their employers include financial gain, curiosity and good old-fashioned revenge, according to Gordan.

2008.03.10 - Industry News - U.S. officials: "Cyber Warfare Is Already Here"

Mon, 17 Mar 2008 10:36:11 -0400

HSDailyWire.com,
10 March 2008

U.S. officials: "Cyber Warfare Is Already Here"

U.S. officials say China, Russia, and possibly other nation-states are capable of collecting or exploiting data held on U.S. information systems; Director of National Intelligence says especially worrisome is the ability of other countries to destroy data in the system: "And the destroying data could be something like money supply, electric power distribution, transportation sequencing and that sort of thing"

2008.03.10 - Industry News - Analysis: DHS stages cyberwar exercise

Tue, 11 Mar 2008 09:49:07 -0400

Shaun Waterman ,
Middle East Times,
10 March 2008

Analysis: DHS stages cyberwar exercise

WASHINGTON, March 10 (UPI) -- Officials from 18 federal agencies, nine states, four foreign governments and more than three dozen private companies will take part in a cyberwar exercise staged by the U.S. Department of Homeland Security this week.

2008.03.09 - Industry News - Fed Networks Increasingly Under Siege

Mon, 10 Mar 2008 14:00:14 -0400

Courtney Mabeus ,
PCWorld,
09 March 2008

Fed Networks Increasingly Under Siege

Richard Westfield acknowledges his small agency, the National Labor Relations Board, doesn't possess the most sought-after data in government. But that doesn't mean his agency is not a target for hackers.

The agency’s computers are linked to other networks. "Once they have access to the network," Westfield said, "They can use that as a launch pad to other organizations."

2008.03.09 - Industry News - Chinese Hackers Worry Pentagon

Mon, 10 Mar 2008 13:58:51 -0400

PCWorld,
09 March 2008

Chinese Hackers Worry Pentagon

WASHINGTON (Reuters) - China is developing weapons that would disable its enemies' space technology such as satellites in a conflict, the Pentagon said in a report released last week.

The report also said "numerous" intrusions into computer networks around the world, including some owned by the U.S. government, in the past year seem to have originated in China.

2008.03.06 - Industry News - House Security Committee Passes Chemical Plant Anti-Terrorism Bill

Mon, 10 Mar 2008 17:51:29 -0400

Greenpeace,
06 March 2008,

House Security Committee Passes Chemical Plant Anti-Terrorism Bill

WASHINGTON, DC - March 6 - In a bipartisan vote, led by U.S. Rep. Bennie Thompson (D-MS), the House Homeland Security Committee today passed the "Chemical Facilities Anti-Terrorism Act of 2008." The bill would significantly strengthen the Department of Homeland Security's (DHS) regulations and create a permanent law to address the risks posed by chemical facilities.

2008.03.06 - Industry News - U.S. unprepared for ongoing cyberwar, say top military and intelligence officials

Fri, 7 Mar 2008 10:44:09 -0500

Bob Brewin,
GovernmentExecutive.com,
06 March 2008

U.S. unprepared for ongoing cyberwar, say top military and intelligence officials

The United States is in the midst of a cyberwar and is not prepared to deal with it, top Defense Department and intelligence officials acknowledged this week.

"Cyberwarfare is already here.... It's one of our major challenges," said Defense Deputy Secretary Gordon England on Monday at the annual National Community Service and Legislative Conference of the Veterans of Foreign Wars.

2008.03.06 - Industry News - Nato says cyber warfare poses as great a threat as a missile attack

Fri, 7 Mar 2008 10:32:21 -0500

Bobbie Johnson,
guardian.co.uk,
06 March 2008

Nato says cyber warfare poses as great a threat as a missile attack

Nato is treating the threat of cyber warfare as seriously as the risk of a missile strike, according to a senior official.

A London conference was told that online espionage and internet-based terrorism now represent some of the gravest threats to global security.

2008.03.04 - Industry News - Pentagon: China's computer hacking worries Pentagon

Wed, 5 Mar 2008 10:28:35 -0500

Julian E. Barnes,
LATimes.com,
04 March 2008

China's computer hacking worries Pentagon

A report says the country now has the ability to get into networks around the world.

WASHINGTON - China in the last year has developed ways to infiltrate and manipulate computer networks around the world in what U.S. defense officials conclude is a new and potentially dangerous military capability, according to a Pentagon report issued Monday.

2008.03.03 - Industry News - FPL Announces Preliminary Findings of Outage Investigation

Wed, 5 Mar 2008 10:30:15 -0500

ElectricEnergyOnline.com,
03 March 2008

FPL Announces Preliminary Findings of Outage Investigation

Juno Beach, Fla., March 3, 2008 - Florida Power & Light Company announced preliminary findings of its ongoing investigation into the cause of an outage affecting approximately 584,000 customers on Tuesday, Feb. 26.

2008.03.03 - Industry News - Pentagon: Cyberattacks appear to come from China

Wed, 5 Mar 2008 09:46:36 -0500

Bob Brewin,
GovernmentExecutive.com,
03 March 2008

Pentagon: Cyberattacks appear to come from China

The Defense Department said Monday that cyberattacks in 2007 against computer networks operated by governments and commercial institutions around the world "appear" to have originated within China -- marking the first time the Pentagon has so visibly pinned the blame against China for cyberattacks.

2008.03.01 - Industry News - Human error caused outage

Wed, 5 Mar 2008 09:44:32 -0500

Eve Samples,
Palm Beach Post ,
01 March 2008

Human error caused outage

A blunder by a field engineer working alone at one of Florida Power & Light Co.'s substations appears to have triggered the blackout that left at least 2 million Floridians without power Tuesday.

2008.02.28 - Industry News - Cyber-Security: Ignore At Your Peril

Fri, 29 Feb 2008 10:57:38 -0500

Scott Louis Weber,
Forbes,
28 Feb 2008

Cyber-Security: Ignore At Your Peril

In the 2001 attack on the World Trade Center, al-Qaida accomplished three goals: It caused a massive loss of life, it destroyed an icon of American prosperity and it wreaked havoc on Wall Street and the U.S. economy. Economic destruction continues to be a goal of terrorists and other bad actors, and cyber attacks are an increasingly popular and effective weapon.

2008.02.28 - Industry News - DHS gives itself a 'C' for cybersecurity

Fri, 29 Feb 2008 10:56:08 -0500

Jill R. Aitoro,
GovernmentExecutive.com,
28 Feb 2008

DHS gives itself a 'C' for cybersecurity

The top ranking official in the Homeland Security Department's national protection division called the agency's efforts in cybersecurity satisfactory, assigning a grade of 'C' during congressional testimony Thursday. But members of Congress called the grade inadequate, emphasizing the need for better collaboration with agency technology leaders, real-time response to system attacks, and metrics that measure the ability to protect networks from specific threats rather than system compliance.

2008.02.20 - Industry News - Power restored to parts of Florida after outage

Wed, 27 Feb 2008 10:09:26 -0500

CNN,
27 Feb 2008

Power restored to parts of Florida after outage

MIAMI, Florida (CNN) -- Power was restored Tuesday for most of Florida after a failed switch and fire at an electrical substation outside Miami triggered widespread blackouts across the state.

2008.02.26 - Incidents- Massive power outage hits Florida

Tue, 26 Feb 2008 17:22:53 -0500

CNN,
26 FEB 2008

Massive power outage hits Florida

MIAMI, Florida (CNN) -- A "significant equipment failure" at a substation west of Miami triggered Tuesday afternoon's blackouts around southern Florida, a Florida Power & Light official said.

Utility spokeswoman Aletha Player said an investigation is ongoing, and provided no details of the failure. But she said the 700,000 customers affected by the outage in southern Florida should have power restored by 5:30 p.m.

2008.02.20 - Industry News - Analysis: Terrorism 2.0

Wed, 20 Feb 2008 15:53:04 -0500

Middle East Times,
20 Feb 2008

Analysis: Terrorism 2.0

BRUSSELS, Feb. 20 (UPI) -- Terrorism and wars of the future won't be fought outdoors but from the comfort of our own homes, behind our computer screens. With cyberattacks on the rise and gaining in destructive capability, the threat to the international community is beyond current regulations and defense mechanisms, a panel of experts said last week.

2008.02.13 - Industry News - Pentagon: Cyberattacks appear to come from China

Thu, 14 Feb 2008 13:42:42 -0500

EurActiv.com,
13 Feb 2008

Pentagon: Cyberattacks appear to come from China

The military alliance has agreed to set up a new body to coordinate responses to cyber attacks carried out against its members and gather intelligence to prevent them from happening in the future, a NATO official said.

2008.02.11 - Industry News - Cyberterrorism, Inc

Mon, 11 Feb 2008 11:53:19 -0500

Peter Buxbaum,
ISN,
11 Feb 2008

Cyberterrorism, Inc

A new report says that 2008 will see an expansion of economic espionage in which nation-states and companies will use cybertheft of data to gain economic advantage in multinational deals.

2008.02.07 - Industry News - Spending for IT security gains ground in 09 budget

Thu, 14 Feb 2008 13:46:05 -0500

Wyatt Kash,
GCN- Government Computer News,
07 Feb 2008

Spending for IT security gains ground in 09 budget

If President Bush’s 2009 budget request indeed reflects his priorities, then securing the government’s information technology systems appears to have the president’s attention.

2008.02.11 - Industry News - Welcome to Cyberwar Country, USA

Mon, 11 Feb 2008 11:51:35 -0500

Marty Graham,
Wired,
11 Feb 2008

Welcome to Cyberwar Country, USA

BARKSDALE AIR FORCE BASE, Louisiana -- When a reporter enters the Air Force office of William Lord, a smile comes quickly to the two-star general's face as he darts from behind his immaculate desk to shake hands. Then, as an afterthought, he steps back and shuts his laptop as though holstering a sidearm.

2008.02.10 - Industry News - Combating Enemies Online: State-Sponsored and Terrorist Use of the Internet

Mon, 11 Feb 2008 11:49:33 -0500

James Jay Carafano and Richard Weitz,
Hawaii Reporter,
10 Feb 2008

Combating Enemies Online: State-Sponsored and Terrorist Use of the Internet

Even before the terrorist attacks of Sept. 11, 2001, security experts were becoming increasingly concerned about the vulnerability of U.S. computer systems and associated infrastructure. The 9/11 attacks amplified these concerns.

2008.02.01 - Industry News - Cyber Security Breach

Mon, 4 Feb 2008 09:29:10 -0500

Bruce Gellerman,
Living on Earth,
01 Feb 2008

Cyber Security Breach

As power companies increasingly use the internet to manage their power grids, they’re also becoming increasingly vulnerable to hacker attacks that could shut down power and destroy facilities, all with the click of a mouse. Host Bruce Gellerman speaks with Alan Paller, director of research at the SANS Institute, which specializes in security systems education.

2008.01.31 - Industry News - Threats from everywhere in 'cyber storm'

Mon, 11 Feb 2008 11:47:47 -0500

Ted Bridis,
Associated Press,
31 Jan 2008

Threats from everywhere in 'cyber storm'

WASHINGTON - In the middle of the biggest-ever "Cyber Storm" war game to test the nation's hacker defenses, someone quietly targeted the very computers used to conduct the exercise.

2008.01.29 - Industry News - Industry experts question $6 billion Bush cybersecurity plan

Fri, 1 Feb 2008 09:54:48 -0500

Jill R. Aitoro,
GovernmentExecutive.com,
29 Jan 2008

Industry experts question $6 billion Bush cybersecurity plan

A system that focuses on network protection will do little to fend off intruders, industry sources argue in response to reports that President Bush will allocate $6 billion in his 2009 budget to a cybersecurity project meant to shield communication networks from terrorists and hackers.

2008.01.19 - Incidents- CIA: Hackers to Blame for Power Outages

Wed, 23 Jan 2008 11:37:51 -0500

Associated Press,
19 JAN 2008

CIA: Hackers to Blame for Power Outages

WASHINGTON (AP) - Hackers literally turned out the lights in multiple cities after breaking into electrical utilities and demanding extortion payments before disrupting the power, a senior CIA analyst told utility engineers at a trade conference.

All the break-ins occurred outside the United States, said senior CIA analyst Tom Donahue. The U.S. government believes some of the hackers had inside knowledge to cause the outages. Donahue did not specify what countries were affected, when the outages occurred or how long the outages lasted. He said they happened in "several regions outside the United States."

2008.01.17 - Industry News - NERC Cyber Security Standards to Become Mandatory in United States

Thu, 17 Jan 2008 15:22:03 -0500

NERC Press Release ,
17 JAN 2008

NERC Cyber Security Standards to Become Mandatory in United States

PRINCETON, N.J., Jan. 17, 2008 - In a major move toward ensuring the reliability of the electric grid, the Federal Energy Regulatory Commission (FERC) today approved eight cyber security and critical infrastructure protection standards proposed by NERC. Set to become mandatory when the Commission’s order becomes effective in approximately 60 days, the standards will require bulk power system users, owners, and operators in the U.S. to identify and document cyber risks and vulnerabilities, establish controls to secure critical cyber assets from physical and cyber sabotage, report security incidents, and establish plans for recovery in the event of an emergency. The standards are already mandatory in Ontario and New Brunswick in Canada.

2008.01.16 - Industry News - Weak control system security threatens U.S.

Wed, 16 Jan 2008 15:24:50 -0500

Joab Jackson ,
GCN.com,
16 JAN 2008

Weak control system security threatens U.S.

NEW ORLEANS - Weak security on infrastructure control systems may eventually put the country at risk for a coordinated attack on utilities, warned Jerry Dixon, former acting director of the Homeland Security Department’s National Cyber Security Division.

2008.01.11 - Incidents - Schoolboy hacks into city's tram system

Wed, 16 Jan 2008 15:26:39 -0500

Graeme Baker,
Telegraph.co.uk,
11 JAN 2008

Schoolboy hacks into city's tram system

A teenage boy who hacked into a Polish tram system used it like "a giant train set", causing chaos and derailing four vehicles.

The 14-year-old, described by his teachers as a model pupil and an electronics "genius", adapted a television remote control so it could change track points in the city of Lodz.

2008.01.05 - Industry News - Feds confirm 2006 security violation at OR nuclear plant

Thu, 10 Jan 2008 13:20:42 -0500

Frank Munger ,
KnoxNews.com,
05 JAN 2008

Feds confirm 2006 security violation at OR nuclear plant

OAK RIDGE - Federal inspectors have confirmed a late 2006 security breach in which an unauthorized laptop computer was taken into a high-security area at the Y-12 nuclear weapons plant. They also found that Y-12's cyber security personnel did not respond properly after the breach was discovered.

2007.12.28 - Industry News - USAF wants to build Cyber Control System

Wed, 2 Jan 2008 14:12:21 -0500

Brian Robinson ,
Washington Technology,
28 Dec 2007

USAF wants to build Cyber Control System

As part of its evolving cyberwarfare strategy, the Air Force is looking for input on how to construct a command and control system that would support defensive and offensive operations in the event of an all-out attack on the country’s information infrastructure.

2007.12.27 - Industry News - NIST: Fed agencies should mount penetration attacks

Wed, 2 Jan 2008 14:12:20 -0500

Jack Rogers ,
scmagazineus.com,
27 Dec 2007

NIST: Fed agencies should mount penetration attacks

In the final draft of its upcoming security guidelines for protecting federal information systems, the National Institute of Standards and Technology (NIST) is recommending that federal agencies conduct regular penetration tests to determine whether their networks can be breached.

2007.12.27 - Industry News - Experts fail government on cybersecurity

Wed, 2 Jan 2008 14:12:19 -0500

Ryan Blitstein ,
San Jose Mercury News ,
27 Dec 2007

Experts fail government on cybersecurity

Efforts criticized for deficient funds, lack of understanding of threat's size

SAN JOSE, CALIF.: Since the outbreak of a cybercrime epidemic that has cost the American economy billions of dollars, the federal government has failed to respond with enough resources, attention and determination to combat the cyberthreat, a San Jose Mercury News investigation reveals.

2007.12.19 - Industry News - Irate Unix Administrator Admits Trying To Sabotage California Power Grid

Fri, 21 Dec 2007 10:56:33 -0500

Charles Babcock ,
Information Week,
19 Dec 2007

Irate Unix Administrator Admits Trying To Sabotage California Power Grid

A contract Unix system administrator pleaded guilty to trying to disrupt a data center where he was employed in Folsom, Calif., by hammering the safety glass of an emergency power shut-off, then pushing the shut-down button.

2007.12.18 - Industry News - House approves $34.9B for homeland security

Thu, 20 Dec 2007 17:20:25 -0500

Alice Lipowicz,
Washington Technology,
18 Dec 2007

House approves $34.9B for homeland security

The omnibus spending bill approved by the House of Representatives yesterday includes $34.9 billion in baseline funding for the Homeland Security Department in fiscal 2008 and boosts major departmental information technology contracting efforts focused on U.S. Visit and the Real ID Act of 2005.

2007.12.10 - Industry News - FERC seeks industry cyber-security plans

Tue, 11 Dec 2007 10:10:28 -0500

Associated Press (AP),
cnnmoney.com,
10 Dec 2007

FERC seeks industry cyber-security plans

WASHINGTON (AP) - Federal energy regulators said Monday they have asked the White House to approve a rule that requires the electric industry to submit detailed reports about its progress in addressing potential cyber-security vulnerabilities.

2007.12.10 - Industry News - China suspected in hacking attempt on Oak Ridge National Lab

Mon, 10 Dec 2007 17:03:30 -0500

hsdailywire.com,
10 Dec 2007

China suspected in hacking attempt on Oak Ridge National Lab

In October about 1,100 employees at the Oak Ridge National Lab received versions of seven phishing e-mails which appeared legitimate; eleven employees opened the e-mails' attachments, which enabled the hackers to infiltrate the Lab's system and remove data; Last week DHS circulated memo to security experts pointing to China as the source of the October hacking at the weapon lab.

2007.12.07 - Incidents - Hackers launch major attack on U.S. military labs

Mon, 10 Dec 2007 11:40:40 -0500

John E. Dunn,
techworld.com,
07 Dec 2007

Hackers launch major attack on U.S. military labs

Sophisticated cyber attacks break into computer systems at the U.S. military's Oak Ridge National Laboratory in Tennessee and Los Alamos National Laboratory in New Mexico

2007.12.07 - Incidents - Cyber hackers infiltrate ORNL (Oak Ridge National Laboratory)

Fri, 7 Dec 2007 13:18:34 -0500

Frank Munger,
Knoxnews.com),
07 Dec 2007

Cyber hackers infiltrate ORNL (Oak Ridge National Laboratory)

OAK RIDGE - Oak Ridge National Laboratory was the target of a "sophisticated cyber attack" that potentially gave hackers access to the personal information of thousands of visitors to the lab from 1990 to 2004, the laboratory confirmed Thursday.

2007.11.30 - Industry News - Government-sponsored cyberattacks on the rise, McAfee says

Mon, 3 Dec 2007 09:25:38 -0500

Jon Brodkin ,
Computer World,
30 Nov 2007

Government-sponsored cyberattacks on the rise, McAfee says

Big Brother -- someone's Big Brother -- is actively messing with you

November 30, 2007 (Network World) -- Governments and allied groups worldwide are using the Internet to spy and launch cyberattacks on their enemies, targeting critical systems including electricity, air traffic control, financial markets and government computer networks, according to McAfee's annual report examining global cybersecurity.

2007.11.29 - Industry News - Insider charged with hacking California canal system

Fri, 30 Nov 2007 11:42:57 -0500

Robert McMillan ,
Computer World,
29 Nov 2007

Insider charged with hacking California canal system

Ex-supervisor installed unauthorized software on SCADA system, indictment says

November 29, 2007 (IDG News Service) -- SAN FRANCISCO -- A former employee of a small California canal system has been charged with installing unauthorized software and damaging the computer used to divert water from the Sacramento River.

2007.11.29 - Incidents - Enbridge eyes quick restart after pipe blast

Fri, 30 Nov 2007 12:10:15 -0500

Jeffrey Jones and Scott Haggett,
Reuters (AP),
29 Nov 2007

Enbridge eyes quick restart after pipe blast

CALGARY (Reuters) - Enbridge Inc (ENB.TO) on Thursday said it expects to quickly restart its huge pipeline system, the day after a deadly blast in Minnesota killed two workers and briefly choked off 10 percent of oil imports to the world's top consumer.

2007.11.29 - Industry News - World faces "cyber cold war" threat

Thu, 29 Nov 2007 10:28:42 -0500

Peter Griffiths,
Reuters,
29 Nov 2007
LONDON (Reuters) - A "cyber cold war" waged over the world's computers threatens to become one of the biggest threats to security in the next decade, according to a report published on Thursday.

2007.11.19 - Industry News - NIST addresses security for industrial controls systems

Wed, 21 Nov 2007 14:09:12 -0500

William Jackson,
Government Computer News,
19 Nov 2007
The National Institute of Standards and Technology has released an initial draft of new security guidelines for government information technology systems used for industrial control processes. The guidelines are in a revised appendix to NIST Special Publication 800-53, "Recommended Security Controls for Federal Information Systems."

2007.11.13 - Industry News - Asymmetric cyber threat

Thu, 15 Nov 2007 14:26:27 -0500

James A. Lyons Jr.,
Washington Times,
13 Nov 2007
One asymmetric threat to our military forces and the nation is "cyber terrorism." Our advanced technologically based military forces - dependent on our satellites, critical infrastructure computers, the Internet, secure software programming, computer-driven telecommunications, air traffic control centers and other sophisticated sensor systems - are tempting targets for cyber terrorism.

2007.11.06 - Industry News - White House officials ask for $154 million in new cybersecurity spending

Wed, 7 Nov 2007 13:56:43 -0500

Jason Miller ,
FCW.com,
06 Nov 2007
White House officials today asked Congress for more than $436 million in new cybersecurity and counterterrorism programs in the Homeland Security and Justice departments’ fiscal 2008 spending bills.wants the next administration to address.

2007.11.05 - Industry News - Panel must narrow cybersecurity scope

Tue, 6 Nov 2007 13:33:17 -0500

Jason Miller ,
FCW.com,
05 Nov 2007
31 experts form a commission to give next president their advice on network defenses

A new blue-ribbon panel that will develop cybersecurity recommendations for the next president faces a compressed schedule and the challenge of agreeing on a cybersecurity agenda that it wants the next administration to address.

2007.11.02 - Incidents - Arizona Nuclear Power Plant Off Lockdown After Security Alert

Tue, 6 Nov 2007 09:05:42 -0500

Associated Press (AP),
FOXNews.com,
02 Nov 2007
WINTERSBURG, Ariz. - Security officials at the nation's largest nuclear power plant detained a contract worker with a small, crude explosive device in the back of his pickup truck Friday, and investigators were searching his apartment, authorities said.

2007.10.29 - Industry News - Controlling Hackers

Thu, 1 Nov 2007 16:15:59 -0400

Ken Silverstein,
EnergyBizInsider,
29 Oct 2007
Violent lunatics bent on the destruction of western civilization are one thing. Silent computer hackers who can whittle away at the nation's infrastructure are another.

Federal and industry experts say that the technology that allows utilities to run their operations is more vulnerable now than ever before. Because those networks are becoming increasingly standardized and linked to other centralized systems, they can be more easily breached and the resulting disturbances can be enormous.

2007.11.01 - Industry News - Al Qaeda Sets a Date for Cyber Jihad

Thu, 1 Nov 2007 10:04:29 -0400

Ben Worthen,
Wall Street Journal (wsj.com),
01 Nov 2007
Earlier this week, an Israeli counter-terrorism group discovered an announcement on an Arabic Web site: Jihadists are going to launch a coordinated cyber attack on 15 Western Web sites on November 11. They plan to expand the attack "until hundreds of thousands of Islamist hackers are in action against untold numbers of anti-Muslim sites.

2007.10.31 - Industry News - Public utility's bare insecurities

Tue, 30 Oct 2007 15:00:19 -0400

Richard Bray, columnist, CIO Government Review,
InterGovWorld.com,
31 Oct 2007
The shocking image of an electrical generator ripping itself apart in a simulated hacking attack opens a CNN report on SCADA (supervisory control and data acquisition) vulnerabilities.

The computer network attached to the generator has been breached and the SCADA controller settings changed to make it self-destruct.

2007.10.30 - Industry News - New U.S. tack to defend power grid - Lawmakers are on alert as hackers increase attacks on US infrastructure.

Tue, 30 Oct 2007 09:52:38 -0400

Mark Clayton ,
The Christian Science Monitor,
30 Oct 2007
For nearly five years, the US government has struggled to guard the nation's electric grid, drinking water, and other critical infrastructure from cyberattack. But as hackers continue to infiltrate such systems, and as reports surface of a surge in computer attacks on the electric grid, experts and lawmakers have an urgent message for the Bush administration: Cybersecurity defenses need an overhaul.