FERC Releases Staff Report on Lessons Learned from CIP Audits
In October, the Federal Energy Regulatory Commission (FERC) released its “2020 Staff Report Lessons Learned from Commission-Led CIP Reliability Audits.” The report summarizes the Commission’s observations from Critical Infrastructure Protection (CIP) audits performed in conjunction with staff from Regional Entities and the North American Electric Reliability Corporation (NERC). It is ... Read More
Zerologon: Tripwire Industrial Visibility Threat Definition Update Released
Today, we released a Threat Definition Update bundle for our Tripwire Industrial Visibility solution to aid in the detection of Zerologon. Otherwise known as CVE-2020-1472, Zerologon made news in the summer of 2020 when it received a CVSSv3 score of 10—the most critical rating of severity. Zerologon is a vulnerability ... Read More
NERC Publishes Practice Guide for assessing SVCHOST.EXE
One of our customers (you know who you are, thanks!) made us aware of a new practice guide titled “ERO Enterprise CMEP Practice Guide: Assessment of SVCHOST.EXE” published exactly two weeks ago today on September 15th, 2020. NERC seldom releases guidance like this, so they shouldn’t go unnoticed. They’ve published ... Read More
Joint “CYPRES” Report on Incident Response Released by FERC
Earlier this month, the Federal Energy Regulatory Commission (FERC) published a joint report entitled “Cyber Planning Response and Recovery Study” (CYPRES) in partnership with the North American Electric Reliability Corporation (NERC) and eight of its Regional Entities (REs) in order to review the methods for responding to a cybersecurity event ... Read More
Design & Implementation of OEM ICS Cybersecurity Frameworks: The Good, The Bad, and The Ugly
The cyber threat landscape today continues to pose a myriad of unique challenges. This is especially the case for industrial organizations due to factors such as aging equipment, poor design or implementation, skills gaps and a lack of visibility. These shortcomings are exacerbated by the mean time to breach detection, ... Read More
A Look at Trump’s Executive Order to Secure the Bulk Power System
On May 1st President Trump signed an Executive Order on “Securing the United States Bulk-Power System.” The order cites foreign adversaries and their increased creation and usage of vulnerabilities against the grid as the primary driver. In my opinion, perhaps more interesting is the inherent ties to the NERC standards, ... Read More
FERC Approves Deferment of 3 CIP standards
Just a couple of weeks back I posted to The State of Security an article titled “Finally Some Good News: NERC Proposes Deferment of 3 CIP standards,” and, as suspected, the Federal Energy Regulatory Commission (FERC) approved the extension officially on April, 17th with this order. Having approved NERC’s petition ... Read More
Finally Some Good News: NERC Proposes Deferment of 3 CIP standards
Amidst all the pandemic doom and gloom, we finally have something positive come from the chaos: NERC filed a motion recently (April 6, 2020) to defer three Critical Infrastructure Protection (CIP) Reliability Standards (as well as 1 PER, and 3 PRC standards) for three months due to the national emergency ... Read More
We Want You! Win the War on Ransomware Today
Arguably, the first malware extortion attack occurred in 1988 – the AIDS Trojan had the potential to be the first example of ransomware, but due to a design flaw, the victims didn’t end up actually having to pay up the 189 bucks. It’s safe to say that over the past ... Read More
To Be or Not to Be: BCSI in the Cloud?
With regard to BCSI (BES (Bulk Electric System) Cyber System Information) in the cloud, responsible entity sentiments at the moment may be akin to Prince Hamlet as he contemplated death and suicide, “bemoaning the pain and unfairness of life but acknowledging that the alternative might be worse.” As currently written ... Read More
