Tuesday, April 30, 2013

Cyber Security: Dell Tablet Giveaway

Dell Tablet Giveaway

We want to hear from you, so we're giving away a Dell tablet! Keep up to date with the Invensys cyber security team through a pre-loaded Android app and have easy access to The Cyber Advisor Newsletters as well as datasheets and service profiles about our solutions.

During the month of May, there will be 2 blog entries a week that contain a link to a survey related to that post. The rules are simple. To qualify, you must take the survey and leave a comment saying you completed the survey.  The more blogs you read, the more surveys you take, the greater your chances of winning. The winner will be announced on the blog May 31, so please remember to check back!

The contest will begin on May 1, so stay tuned!


Cyber Security: How hackers can compromise financial markets

Read how fake tweets from the Associated Press's hacked Twitter account disrupted the DOW, causing it to drop almost 150 points in a matter of minutes.

Cyber Security: Dell Tablet Giveaway

Dell Tablet Giveaway

We want to hear from you, so we're giving away a Dell tablet! Keep up to date with the Invensys cyber security team through a pre-loaded Android app and have easy access to The Cyber Advisor Newsletters as well as datasheets and service profiles about our solutions.

During the month of May, there will be 2 blog entries a week that contain a link to a survey related to that post. The rules are simple. To qualify, you must take the survey and leave a comment saying you completed the survey.  The more blogs you read, the more surveys you take, the greater your chances of winning. The winner will be announced on the blog May 31, so please remember to check back!

The contest will begin on May 1, so stay tuned!


Monday, April 29, 2013

Cyber Security: Dell Tablet Giveaway

Dell Tablet Giveaway

We want to hear from you, so we're giving away a Dell tablet! Keep up to date with the Invensys cyber security team through a pre-loaded Android app and have easy access to The Cyber Advisor Newsletters as well as datasheets and service profiles about our solutions.

During the month of May, there will be 2 blog entries a week that contain a link to a survey related to that post. The rules are simple. To qualify, you must take the survey and leave a comment saying you completed the survey.  The more blogs you read, the more surveys you take, the greater your chances of winning. The winner will be announced on the blog May 31, so please remember to check back!

The contest will begin on May 1, so stay tuned!


Cyber Security: ICS-CERT Vulnerability Summary for Week of April 22

Click the link below to view the summary of cyber security vulnerabilities for the week of April 22 as collected and reported by ICS-CERT.

http://www.us-cert.gov/ncas/bulletins/SB13-119


Cyber Security: Dell Tablet Giveaway

Dell Tablet Giveaway

We want to hear from you, so we're giving away a Dell tablet! Keep up to date with the Invensys cyber security team through a pre-loaded Android app and have easy access to The Cyber Advisor Newsletters as well as datasheets and service profiles about our solutions.

During the month of May, there will be 2 blog entries a week that contain a link to a survey related to that post. The rules are simple. To qualify, you must take the survey and leave a comment saying you completed the survey.  The more blogs you read, the more surveys you take, the greater your chances of winning. The winner will be announced on the blog May 31, so please remember to check back!

The contest will begin on May 1, so stay tuned!


Friday, April 26, 2013

Cyber Security: Dell Tablet Giveaway

Dell Tablet Giveaway

We want to hear from you, so we're giving away a Dell tablet! Keep up to date with the Invensys cyber security team through a pre-loaded Android app and have easy access to The Cyber Advisor Newsletters as well as datasheets and service profiles about our solutions.

During the month of May, there will be 2 blog entries a week that contain a link to a survey related to that post. The rules are simple. To qualify, you must take the survey and leave a comment saying you completed the survey.  The more blogs you read, the more surveys you take, the greater your chances of winning. The winner will be announced on the blog May 31, so please remember to check back!

The contest will begin on May 1, so stay tuned!


Thursday, April 25, 2013

Cyber Security: Symantec tracks growing phishing and watering hole attacks

According to Symantec's Internet Security Threat Report (ISTR) released last week, targeted cyber attacks have risen 42% between 2011 and 2012, with a focus on the manufacturing sector and small businesses.

You can find a link to the article and a link to Symantec's ISTR here.



Wednesday, April 24, 2013

Cyber Security: ICS-CERT Vulnerability Summary for Week of April 15

Click the link below to view the summary of cyber security vulnerabilities for the week of April 15 as collected and reported by ICS-CERT.

http://www.us-cert.gov/ncas/bulletins/SB13-112


Cyber Security: Dell Tablet Giveaway

Dell Tablet Giveaway

We want to hear from you, so we're giving away a Dell tablet! Keep up to date with the Invensys cyber security team through a pre-loaded Android app and have easy access to The Cyber Advisor Newsletters as well as datasheets and service profiles about our solutions.

During the month of May, there will be 2 blog entries a week that contain a link to a survey related to that post. The rules are simple. To qualify, you must take the survey and leave a comment saying you completed the survey.  The more blogs you read, the more surveys you take, the greater your chances of winning. The winner will be announced on the blog May 31, so please remember to check back!

The contest will begin on May 1, so stay tuned!


Cyber Security: Nations with the most mobile malware

Read about the top 3 nations with the most mobile malware and how Android operating systems are becoming more targeted.

http://www.clickorlando.com/news/money/Nations-with-the-most-mobile-malware/-/1637116/19764774/-/eofp9a/-/index.html

Tuesday, April 23, 2013

Cyber Security: Anonymous hacks Westboro Baptist Church's Facebook page

Read about one of Anonymous' most recent cyber attacks on the Westboro Baptist Church's social networking sites, in retaliation for comments they made about the funerals of those killed in the Boston explosions last week.

http://www.motherjones.com/mojo/2013/04/anonymous-hacks-westboro-baptist-church-facebook-boston-marathon

Monday, April 22, 2013

Cyber Security: January-March 2013 ICS-CERT Monthly Monitor

View ICS-CERT's January-March 2013 newsletter, with a feature article on a spearphishing campaign that was used to customize an attack against the Energy Sector.
http://ics-cert.us-cert.gov/pdf/ICS-CERT_Monitor_Jan-Mar2013.pdf

Cyber Security: Dell Tablet Giveaway

Dell Tablet Giveaway

We want to hear from you, so we're giving away a Dell tablet! Keep up to date with the Invensys cyber security team through a pre-loaded Android app and have easy access to The Cyber Advisor Newsletters as well as datasheets and service profiles about our solutions.

During the month of May, there will be 2 blog entries a week that contain a link to a survey related to that post. The rules are simple. To qualify, you must take the survey and leave a comment saying you completed the survey.  The more blogs you read, the more surveys you take, the greater your chances of winning. The winner will be announced on the blog May 31, so please remember to check back!

The contest will begin on May 1, so stay tuned!


Friday, April 19, 2013

Cyber Security: Dell Tablet Giveaway

Dell Tablet Giveaway

We want to hear from you, so we're giving away a Dell tablet! Keep up to date with the Invensys cyber security team through a pre-loaded Android app and have easy access to The Cyber Advisor Newsletters as well as datasheets and service profiles about our solutions.

During the month of May, there will be 2 blog entries a week that contain a link to a survey related to that post. The rules are simple. To qualify, you must take the survey and leave a comment saying you completed the survey.  The more blogs you read, the more surveys you take, the greater your chances of winning. The winner will be announced on the blog May 31, so please remember to check back!

The contest will begin on May 1, so stay tuned!


Thursday, April 18, 2013

Cyber Security: Android app demonstrates the possibility of hijacking an airplane remotely

Read how Hugo Tesco, a security consultant and trained pilot, developed an Android app that could possibly take control of an airplane remotely. Many planes have systems that are unsecured and unencrypted, Tesco said.

http://www.newlaunches.com/archives/hacker-comes-up-with-an-android-app-that-can-remotely-attack-and-hijack-an-airplane.php?#038;#038



Wednesday, April 17, 2013

Cyber Security: Dell Tablet Giveaway

Dell Tablet Giveaway

We want to hear from you, so we're giving away a Dell tablet! Keep up to date with the Invensys cyber security team through a pre-loaded Android app and have easy access to The Cyber Advisor Newsletters as well as datasheets and service profiles about our solutions.

During the month of May, there will be 2 blog entries a week that contain a link to a survey related to that post. The rules are simple. To qualify, you must take the survey and leave a comment saying you completed the survey.  The more blogs you read, the more surveys you take, the greater your chances of winning. The winner will be announced on the blog May 31, so please remember to check back!

The contest will begin on May 1, so stay tuned!


Cyber Security: Cyber Security for Power Generation

As more electric power plants begin their NERC CIP compliance plan, many are left trying to understand where to start. Find out what areas require special attention.


http://real-time-answers.com/cyber-security/

Tuesday, April 16, 2013

Cyber Security: ICS-CERT Vulnerability Summary for Week of April 8

Click the link below to view the summary of cyber security vulnerabilities for the week of April 8 as collected and reported by ICS-CERT.

http://www.us-cert.gov/ncas/bulletins/SB13-105


Cyber Security: Microsoft security update may break Windows 7

A security patch released by Microsoft on Patch Tuesday last week caused some machines to go into an endless cycle of reboots. Microsoft recommended users who installed the patch to uninstall it.

http://www.technewsdaily.com/17736-security-update-breaks-windows.html

Monday, April 15, 2013

Cyber Security: Dell Tablet Giveaway

Dell Tablet Giveaway

We want to hear from you, so we're giving away a Dell tablet! Keep up to date with the Invensys cyber security team through a pre-loaded Android app and have easy access to The Cyber Advisor Newsletters as well as datasheets and service profiles about our solutions.

During the month of May, there will be 2 blog entries a week that contain a link to a survey related to that post. The rules are simple. To qualify, you must take the survey and leave a comment saying you completed the survey.  The more blogs you read, the more surveys you take, the greater your chances of winning. The winner will be announced on the blog May 31, so please remember to check back!

The contest will begin on May 1, so stay tuned!


Thursday, April 11, 2013

Cyber Security: Israeli websites targeted by Anonymous

Anonymous had little success in hacking Israeli government websites last weekend, thanks to their warnings online prior to the attacks. Read the article here.

Wednesday, April 10, 2013

Cyber Security: Dell Tablet Giveaway

Dell Tablet Giveaway

We want to hear from you, so we're giving away a Dell tablet! Keep up to date with the Invensys cyber security team through a pre-loaded Android app and have easy access to The Cyber Advisor Newsletters as well as datasheets and service profiles about our solutions.

During the month of May, there will be 2 blog entries a week that contain a link to a survey related to that post. The rules are simple. To qualify, you must take the survey and leave a comment saying you completed the survey.  The more blogs you read, the more surveys you take, the greater your chances of winning. The winner will be announced on the blog May 31, so please remember to check back!

The contest will begin on May 1, so stay tuned!


Cyber Security: Small-scale cyber attacks in Maine

Read about how "the largest consumer data breach in U.S. history started with an antenna hidden in a Pringle's can in a Minnesota parking lot" and cost its victims over $2 billion in damages.


Tuesday, April 9, 2013

Cyber Security: Webcam hacking

Read about how hackers can turn on your webcam remotely and control your computer using a malicious virus known as Remote Administration Tools (RATs).


Monday, April 8, 2013

Cyber Security: ICS-CERT Vulnerability Summary for Week of April 1

Click the link below to view the summary of cyber security vulnerabilities for the week of April 1 as collected and reported by ICS-CERT.

http://www.us-cert.gov/ncas/bulletins/SB13-098


Cyber Security: Dell Tablet Giveaway

Dell Tablet Giveaway

We want to hear from you, so we're giving away a Dell tablet! Keep up to date with the Invensys cyber security team through a pre-loaded Android app and have easy access to The Cyber Advisor Newsletters as well as datasheets and service profiles about our solutions.

During the month of May, there will be 2 blog entries a week that contain a link to a survey related to that post. The rules are simple. To qualify, you must take the survey and leave a comment saying you completed the survey.  The more blogs you read, the more surveys you take, the greater your chances of winning. The winner will be announced on the blog May 31, so please remember to check back!

The contest will begin on May 1, so stay tuned!


Wednesday, April 3, 2013

Cyber Security: ATM hacking

Read about how a new type of malware being planted in ATMs can lift card information, compile the data in a document, and send it straight to the hacker.

Tuesday, April 2, 2013

Cyber Security Advisor Newsletter – Mar. 2013 Vol. 18

Welcome to the latest Global Cyber Advisor Newsletter,

To my fellow Invensys colleagues, congratulations on a successful year as we move on to a new challenges and successes in this new Fiscal Year.

There has been news lately of various government and extremist sponsored cyber attacks. Large to small, companies, government agencies, and private groups are targets of various attacks, including information gathering for use at a later date. We need to stay vigilant and help our customers develop their Cyber Strategies and secure their process environments.      

As we continue our efforts to educate the need to address cyber security, the details that rise to the top are consistent. All successful Security Solutions are part of an overall program that address who will manage, maintain, and upgrade the solution for its lifetime. The latest and greatest technology can’t really just be dropped in and expected to perform; you must match it with your plans and strategy. The message is, consider what the needs are, develop a program, and then determine the technical controls.   

If you’ve missed our previous editions, you can find them at this location:   http://iom.invensys.com/EN/Pages/CyberSecurity-Newsletters.aspx
  

Click here to open the March 2013 newsletter.

Cyber Security: Staying ahead of the curve with nuclear cyber security

Steve Batson, Invensys Critical Infrastructure & Security Practice consultant, gives tips on how nuclear plants can "stay ahead of the curve" and efficently implement cyber security best practices.


U.S. Nuclear Plants have stepped up to the plate and are actively implementing cyber security controls to combat cyber threats. When it comes to cyber security, key areas of focus have been collaboration, leveraging existing programs, standardization, and resource management.

The nuclear industry provides a great collaborative effort through Nuclear Energy Institute (NEI). NEI has several different working groups that allow utilities and vendors to collaborate and approach cyber security systematically and efficiently. Invensys stays intimately involved in NEI and many other key organizations providing useful working groups and sites that provide cyber security guidance.

One area the nuclear industry that saves thousands of man hours is in the efficient performance of cyber security assessments. Sophisticated database tools, like Wiznucleus Cyberwiz-Pro and Lumension Risk Manager, make the assessment process manageable. These tools come pre-loaded with regulatory requirements, interfaces with existing site databases, allow security control responses to be applied to multiple CDAs at once, and provide an efficient process for managing and maintaining cyber security assessments. Implementation of common controls across groups of CDAs can leverage existing programs and greatly reduce the time required to assess the implementation of security controls.

Standardizing and centralizing security solutions implemented across multiple platforms can also increase efficiency. Centralized patching, backups, and signature updates greatly reduce the time and effort required to update systems. Centralized log management (Security Information and Event Management) and intrusion detection system functions also improve efficiency and effectiveness. While it is essential to maintain defense-in-depth, minimizing the number of different types of security controls implemented reduces the cost and complexity to maintain cyber security controls on systems. Consider standardizing the type of language incorporated into procurement contracts to help standardize the security control products purchased.

Developing an effective and maintainable incident response program is another area of focus for establishing efficient use of resources. A comprehensive process, procedure, and knowledgeable set of stakeholders are needed to appropriately respond to an incident. Stakeholders will include maintenance, security, management, ops, engineering, and an expert in incident response. Most plants do not want to invest in keeping staff resources trained in forensic analysis and the use of the tools needed to investigate an incident. This is an area where an external expert can be a more efficient use of resources. It also helps to have someone who can lead an incident response team that is dealing with incident response on a regular basis.

These are just a few tips that can allow nuclear plants to stay ahead of the curve and implement cyber security in an efficient manner. By using online resources and guidance documents, participating in working groups, using effective assessment tools, developing common controls, standardizing security controls and procurement language, implementing centralized log management, and establishing effective incident response procedures, nuclear plants are reducing the amount of cost, effort, and resources needed to implement their cyber security plans.

Monday, April 1, 2013