Industry News: All About Keystone XL Pipeline

The Keystone pipeline has been the subject of a hot debate in the Senate for weeks. Now that Congress has approved the bill, make sure you don’t get caught at the water cooler not knowing your stuff. In this week’s industry news, we’ve compiled the top stories around the Keystone XL, both basic and advanced, to keep you informed and knowledgeable on the subject.

Read More

VuRTIS Report: The BlackEnergy Variant & Kerberos Checksum Vulnerability

“If it’s not broke, don’t fix it!” How many times have we all heard that? Unfortunately, for those of us charged with protecting our nation’s critical infrastructure and key resources, that old mantra simply doesn’t hold true. We must remain vigilant in our pursuit of our adversaries, tireless in our efforts to outwit them, and steadfast in our defensive posture to “hold the line.” In order to do all that, security professionals must continue to strive to fix our networks before hackers get in. Cimation Threat Intelligence reports help you to do just that.

This VuRTIS report provides the top vulnerabilities reported in January 2015. One of the most-reported vulnerabilities includes the Kerberos Checksum Vulnerability. When exploited, this vulnerability puts domain administrator permissions at risk. Download the report for access to a live example of hacker, Rob Fuller, exploiting the Kerberos Vulnerability.

Read More

ICS Boot Camp 2015: Get Your Business In Shape!

It’s the end of January and we know what that means. For most of us, our resolutions have already gone out the window. That’s why we’ve created the 2015 ICS Boot Camp! We’ve put together the top trends you need to know to get your business in gear. Help your company stay in shape by incorporating some of these trends in industrial control systems into your operations technology strategy. Download the ICS Boot Camp infographic and get back on track!
    1. Exercise Your Options for DCS Migration & Upgrades: Many legacy systems are old, unreliable, and "out of shape." Migrating to a new DCS or upgrading your existing system can help improve operational efficiency by eliminating high repair costs and unscheduled downtime. But take care, as the biggest cost in DCS migrations is implementation. Overruns are mostly attributed to field time. The same way an athlete trains before the big game, it's important to perform the proper FELs and identify the gaps to improve operations and efficiency before implementation. How else can you prevent costly overruns in your system migration projects?

Read More

Industry News: Tech and Rig Trends, S4x15 & Malvertising

We explore the latest industry trends in this week’s news round-up. From the latest tech trends in 2015 to rig trends in the Gulf of Mexico, learn the effects they are having in the oil and gas industry. Find out more about crude rebounds and Q4 oil and gas earnings. Learn the truth about “malvertising” and what it means for your devices. Finally, discover the top take aways from the S4x15 conference.

S4x15 Recap:  The Pain Pyramid, Data Diodes & RIPE Framework: Last week, Cimation attended the S4x15 in Miami, Digital Bond’s annual conference that brings together some of the best and brightest in industrial control system security. In between Cuban-themed networking events, synchronized swimming and even drone flying competitions, the 200+ attendees heard from some of the industry’s leading experts on the novel technologies and new techniques that are being used to exploit and secure industrial control systems generally and Supervisory Control and Data Acquisition (SCADA) systems specifically.

Read More

Cimation's Recap of S4x15 ICS Cyber Security Conference: Device-Level Exploits, The Pain Pyramid, & Data Diodes

Last week, Cimation attended S4x15 in Miami, Digital Bond’s annual conference that brings together some of the best and brightest in industrial control system security. In between Cuban-themed networking events, synchronized swimming and even drone flying competitions, the 200+ attendees heard from some of the industry’s leading experts on the novel technologies and new techniques that are being used to exploit and secure industrial control systems generally and Supervisory Control and Data Acquisition (SCADA) systems specifically. While there were many great talks throughout the week, a few presentations really got us thinking about the current state of ICS cyber security. 

Read More

Internet of Things: Where are the standards?

We’ve talked about the Internet of Things (IoT) before in the article, The Internet of Things & Proximity-based technology: Alljoyn Review. It was definitely one of the themes of 2014 and will be top of mind again in 2015 as we explore safety and standards (or lack thereof) surrounding IoT. The truth is, any time devices are connected to the internet, privacy and security issues are bound to arise. Gartner Research predicts that by the year 2020, there will be more than 26 billion Internet-connected "things" (not including PCs, tablets, or smartphones) which pose new challenges to cyber security.

Read More

Industry News: Cash Negative Crude & ICS Trojans

Decreasing oil prices are affecting more than those at the pump. We’ve found some of the news stories that take a closer look at the impact of falling crude prices. Also, learn the latest on the surprising twist in cyberattacks hitting plant floors. Finally, see how cyber threats can hit the bottom line and how corporate officers and directors will be held responsible.

Read More

3D Printing & The Impact on Manufacturing

Yes, 3D printing technology has been around since the 1980's. But for many a layperson it seems like a new phenomena. In reality, the 3D printing market has been taking off for the past 10 years. Originally invented as a means to create small plastic models and prototypes, 3D printers are now used for full-scale applications, helping to create a variety of items from clothing and prosthetics to electronic products and even food. (Most recently in the news, a pizza from CES 2015) Actually, the uses are becoming more and more out of the box. But what does this mean for Manufacturing and Industrial Automation?

Read More

VuRTIS Report: Regin Trojan, News & Upcoming Events

In terms of cyber security, 2014 will go down in history books as one of the most exciting years since Y2K. With the explosion of IoT (Internet of Things) and “wearables”, the widespread business practice of BYOD (Bring Your Own Devices), and culminating in a cyber knife fight between Hollywood and North Korea, cyber security professionals have had to stay on their toes – and 2015 doesn’t look any easier.

In our latest VuRTIS Report, learn about:
  • ICS-CERT's new YARA signature that aids in identifying malware files 
  • Newly-released information on Regin, a fairly sophisticated Trojan used to conduct intelligence-gathering campaigns
  • The latest news and events that threaten the oil and gas industry and ICS/SCADA systems
Read More

Industry News: Coolest Hacks of 2014, Oil & Gas Resolutions

Is your head a little fuzzy this morning? Still groggy from the holiday? Don’t worry! While you’ve been ringing in the New Year, we’ve been rounding up the latest industry news. Check out the coolest hacks of 2014 and see what resolutions professionals in the oil and gas industry have made this year. Discover what oil and gas companies must do in 2015 and what’s expected for Canadian crude.

The Coolest Hacks Of 2014: TSA baggage scanners, evil USB sticks, and smart homes were among the targets in some of the most creative -- and yes, scary -- hacks this year by security researchers. It's easy to forget some of the more innovative and eye-popping hacks by the good guys in 2014 amid the painful and unprecedented wave of cybercrime, cyber espionage, and cyber mayhem that the world has witnessed the past 12 months.

Read More