Call us! 512-349-0334 or (877) INDUSOFT

Five ways to improve SCADA Security for Critical Infrastructure

In anticipation of our upcoming Cybersecurity Webinar in just under two weeks, we wanted to expand on some measures that should be implemented in order to make SCADA Systems and Industrial Control Systems (ICS) controlling critical infrastructure inherently more secure. We expect that the majority of our customers may have already investigated using most or all of these methods in their security configurations, but we’ll discuss them and expand on them as necessary, using current industry guidance recommendations. Continue reading

What you Need to Know about Industroyer and the Threat it Poses to Industrial Control Systems

In 2010, a massive threat to industrial control systems called Stuxnet spread worldwide to infect thousands of systems running Siemens software. It was a weapon developed to cripple nuclear facilities. Last year, a new threat emerged in Ukraine that rivals the danger of Stuxnet. This new threat took down a power plant for over an hour, and may have been a precursor to a large-scale efforts to take down or damage power grids, as well as other types of critical infrastructure in the future. Continue reading

Companies that Don’t Take Security Precautions May be Liable for Breaches

The hack of Sony not only resulted in huge losses of data, but it revealed how poorly that data was protected. Now, employees who had their identities exposed as a result of the hack have banded together. A U.S. district court judge has given them approval to sue Sony Pictures Entertainment for their poor protection of personal information. Continue reading

National Cybersecurity Awareness Month Update with InduSoft

October is the 10th Anniversary of National Cybersecurity Awareness Month, and a group of federal officials, Fortune 500 CEOs, and digital industry leaders visited NASDAQ and rang the opening bell this morning (October 21st), marking the launch of the National Cyber Security Alliance website. Continue reading

Critical Updates to InduSoft Web Studio are Available.

Patches for the security vulnerabilities discovered by US-CERT and ZDI in some older versions of InduSoft Web Studio are available on the Security Hotfix Updates Web Page of the InduSoft website. The current versions of the product do not have any known vulnerabilities. Continue reading

InduSoft Report: NIST Cybersecurity Framework Workshop

Recently, InduSoft attended the NIST workshop held to promote SCADA security. Here is the report of the event from our own Richard Clark.

NIST(National Institute for Standards and Technology) held the 2nd of 4 workshops on creating a Cybersecurity Framework that be applied across any platform and also be vendor independent, during the week of May 26, 2013. These workshops are the result of Executive Order 13636, tasking NIST with creating the Cybersecurity Framework. Continue reading

Join the SCADA Security Conversation with InduSoft Web Studio

Because SCADA security is an issue that affects not only automation worldwide, but critical infrastructure as well, it’s important to be an active participant in the SCADA security dialog. InduSoft feels very strongly about the importance of educating ourselves and users of InduSoft Web Studio about SCADA security, and to open up the discussion to include a wide range of viewpoints. Here are some of the ways to become actively involved in this topic: Continue reading

Protecting Your SCADA Network – Even When It’s Communicating With the Outside World

It has almost become a myth that it’s possible to protect SCADA networks by creating an ‘air gap’ between the system networks and the outside world, particularly as more and more companies have taken the leap into cloud computing. Luckily, there are still many ways to protect networks from outside interference while admitting the reality that there will always be pathways from the outside into the control system. Continue reading

Protect Remote Terminal Units for Better SCADA Security

As web-based SCADA, cloud technology, and remote access to SCADA and HMI systems becomes more widespread, there’s a move toward managing remote SCADA systems from across buildings, or even across town. With SCADA security an omnipresent concern, how can supervisors protect their Remote Terminal Units (RTUs) from direct or indirect malicious attacks and negligence? Here are some best practices to protect access to RTUs, both through physical security and the SCADA/HMI security built into SCADA software like InduSoft Web Studio. Continue reading