2011 August

August 2011

Red Tiger Security mentioned in recent media articles

BlackHat Press

The past week at BlackHat and Defcon released a whirlwind of activity in the media, and a few of the articles involved critical infrastructure and SCADA Security. Nico Sell with BlackHat press arranged for a press meeting, and we were able to participate in a press event specifically dealing with the number of recent security findings related to SCADA systems and PLCs/RTUs. We continued to send out the message that embedded devices such as PLCs and RTUs simply do not have the level of security commensurate with the level of risk represented by the functions that these devices serve in the SCADA system. We have a security briefing coming out soon that will go into more detail on this topic.

CNET News

Elinor Mills, with CNET News, took some time to sit in our 2-day course and was amazed to see that the embedded devices did not have any authentication or encryption. Basically if you can ping these devices, the game is over. When she saw how easy it was for us to turn the lights ON and OFF by simply sending a few packets to the PLC, the lights went on in her head. She then asked if any of these devices were accessible right now over the Internet. I told her that we often find PLCs and RTUs directly connected to the Internet, and during a break in the class, Tom Parker and I found several Modicon PLCs on the Internet. They have little embedded web servers, so if they were assigned a public routable IP address, you simply type their IP address in your browser, and you immediately have access to the inner workings of the embedded controllers. She wrote an article about this on CNET News, and the link is listed below:

http://news.cnet.com/8301-27080_3-20087201-245/researchers-warn-of-scada-equipment-discoverable-via-google/

Vanity Fair

Michael Gross, who recently wrote a detailed article about the background leading up to the Stuxnet virus, also wrote an excellent article entitled “Enter the Cyber Dragon” about the many cyber attacks seemingly originating from China. In this article, we were cited as a resource based on the work that we are doing in the Oil and Gas sector to help our clients secure their critical SCADA systems. Michael’s article which is running in the September issue of Vanity Fair, can be found here:

http://www.vanityfair.com/culture/features/2011/09/chinese-hacking-201109

While our policy is to never release the names of our clients to the press, or the specifics relating to our research in the field of SCADA Security, we do like to help get the word out to as many as possible when the topic is broad enough to not compromise the integrity of our work. Even though I have been working in this field since 2001, it often surprises me as to how little most people know about SCADA Security. I’m hoping that with some of the recent press and media focus, that we can elevate the urgency and need for enhanced security, especially for those mission-critical systems that we count on for our nation’s economy and well being.

Thanks,
Jonathan

Red Tiger Security joins NPRA and scheduled to speak at upcoming conference

NPRA, the National Petrochemical & Refiners Association, is a trade association representing high-tech American manufacturers of virtually the entire U.S. supply of gasoline, diesel, jet fuel, other fuels and home heating oil, as well as the petrochemicals used as building blocks for thousands of vital products. NPRA brings together asset owners, high-tech researchers, and industry professionals together to help solve issues relating to the safe and secure operations of mission-critical petrochemical operations.

The founder and team memebers within the Red Tiger Security team have a rich heritage in the petrochemical industry, and has been participating in NPRA events for several years. We are pleased to annouce a tighter relationship with NPRA by joining the association. We have also been invited to participate at the upcoming 2011 Q&A and Technology conference coming to San Antonio, Texas in October. We will be speaking about a number of recent cyber security incidents that are impacting the safe and reliable operation of SCADA and DCS Systems. You can find more information about the conference at their web site:
http://www.npra.org/forms/meeting/MeetingFormPublic/view?id=42A9900000008

We are looking forward to catching up with our friends and associates in the petrochemical industry at this event, so drop us a line if you are planning on attending.

Jonathan

Leave a Reply