Search results

Wednesday, April 27, 2016 @ 11:04 AM gHale

A ransomware attack hit the corporate computer network at the Lansing Board of Water and Light (BWL) in Lansing, MI, officials said Monday.

System redundancies and separation of BWL’s corporate computer network from the utility network saved the day and allowed the organization to continue operations, said general manager Dick Peffley.

Hack Attack Plan Thwarted
Aircraft Manufacturer Attacked
Security: Ease the Pain …
Unsupported ICS: Not an Easy Upgrade

“I’ve never seen anything of this magnitude,” he said. “We’ve had smaller problems, but nothing that’s shut the entire corporate network down like this.”

Email, phones, computers, printers and other technology on the administrative side remain shutdown, officials said.

Trent Atkins, the utility’s director of emergency management, said there’s no timeline on repairs.

“BWL was attacked by a computer virus that placed encryption software on our corporate network,” he said. “The BWL initiated our disaster response and recovery plan by isolating the virus and a self-imposed shutdown of our system.”

“And at no time was our control system infected, and there have been no threats to the production, the transmission or distribution of BWL utilities to our customers.”
— Trent Atkins, BWL director of emergency management

Lansing police ended up contacted before 7 a.m. Monday, and other state and federal law enforcement agencies have joined the ongoing investigation, he said.

Mayor Virg Bernero, who is out of the country on an economic development trip, has been in personal contact with Peffley and was fully briefed on the situation, Lansing Chief Operating Officer Chad Gamble said.

He added that the city has performed checks of its networks, which are “functioning well,” and will continue to monitor its systems.

The attack was a ransomware virus, which affects access to a computer system until the user pays a fee. BWL officials declined to comment on whether a ransom had been demanded.

“At no time was personal information breached on our network,” Atkins said. “And at no time was our control system infected, and there have been no threats to the production, the transmission or distribution of BWL utilities to our customers.”

The virus did affect the outage phone line and the online outage map. A temporary phone line and outage map have been set up. As of 6 p.m. Monday, the regular outage phone line had been restored, spokesman Steve Serkaian said, but the temporary line remained active as a precaution.

The National Weather Service said thunder, hail and high winds were possible Monday night. BWL officials said the cyber attack created no additional cause for concern with regard to maintaining or repairing utilities.

Commissioner Dennis Louney said the board learned of the virus by Peffley in an email.

Wednesday, April 20, 2016 @ 12:04 PM gHale

One person is dead and four others injured after a fire broke out at Turkish Petroleum Refineries Corporation (TÜPRAŞ) in the western province of Izmit Sunday night.

The fire broke at 10:40 p.m. local time as workers were conducting routine maintenance work at the refinery. The fire occurred in the crude oil unit. The refinery’s technical security teams got the fire out by 11:45 p.m.

VA Goodyear Plant Reopens after Fatality
High Pressure Leak Kills 2, Hurts 1
Lockdown Lifted at Exxon Baytown
CA Refinery Restarting after Explosion

The injured ended up rushed to the hospital and were not seriously hurt. TÜPRAŞ said the injured workers are in good condition.

In February, the refinery suffered from another fire, but there were no casualties. That fire was because of a failure of technical equipment, the company said.

Refinery workers and residents in nearby apartments ended up evacuated following the February fire.

Tüpraş is Turkey’s sole oil refiner, operating four refineries with an annual capacity of 28.1 million tons of crude.

Wednesday, April 13, 2016 @ 11:04 AM gHale

TransCanada Corp. restarted the 590,000-barrel-per-day Keystone crude pipeline at reduced pressure.

The Canadian energy company said the U.S. Pipeline and Hazardous Materials Safety Administration (PHMSA) approved the return to service plan for a controlled start Saturday night.

Pipeline Leak Under Control in SD
Leak Shuts Keystone Pipeline
PA Gas Pipeline Replace Projects Begin
Pipeline Firm Ends Palmetto Plans

The pipeline, which delivers light and heavy crude from Hardisty, Alberta, to Cushing, Oklahoma, and Illinois, shut down April 2 after a leak in South Dakota.

Just about 16,800 gallons of oil leaked into a field in South Dakota as part of a spill that shut the Keystone pipeline down, TransCanada officials said.

“As part of the return-to-service plan approved by PHMSA, TransCanada is operating the pipeline at reduced pressure,” the company said.

In an emailed statement, company said it identified the leak near its Freeman pump station in Hutchinson County, South Dakota.

The company also said it will conduct aerial patrols and visual inspections during the restart.

Wednesday, March 23, 2016 @ 04:03 PM gHale

A pipe broke at a sewage treatment plant in Fort Lauderdale, FL, and leaked 400 to 600 gallons of hydrogen peroxide, officials said.

Workers are now cleaning up the spill, which occurred Monday at 5:20 p.m.

HazMat Crews Respond to Refinery Issue
Ammonia Leak at TX Ice Maker Forces Evac
Chemical Hazards at NY Ice Maker
2 Killed in Ice Factory Blast

The chemical spilled into a holding tank when the pipe broke at the sewage treatment plant. Crews worked through the night to safely remove about 400 to 600 gallons of the highly-concentrated chemical.

The biggest concern is hydrogen peroxide reacts with anything organic, said city spokesman Chaz Adams. He said HazMat crews used buckets to remove the chemical from the tank.

There were no injuries in the incident and some surrounding evacuated as a precaution.

Wednesday, March 23, 2016 @ 04:03 PM gHale

Operators of southwestern Michigan’s Donald C. Cook Nuclear Plant in Lake Township, MI, said one of its units is shutting down for routine refueling and maintenance.

Power at the Unit 1 reactor reduced down to 50 percent Sunday night for equipment testing in advance of Wednesday’s start of the outage, said plant spokesman Bill Schalk.

PA Nuke Shuts for Refueling
FL Nuke Leaking Radioactive Isotope
Refueling Shutdown for NY Nuke
Malfunction Shuts NH Nuke

Equipment replacement, modification and inspection work also are on tap for the outage. About 1,500 contracted workers are coming to the plant to assist the 1,200 regular staff members during the outage, Schalk said.

Indiana Michigan Power runs the plant, which is along Lake Michigan in Berrien County’s Lake Township, near Bridgman.

The Unit 2 reactor will continue to operate during the outage. Officials haven’t said how long they expect the outage will last.

Nuclear plant operators usually schedule refueling and maintenance outages at this time of year, when seasonal temperatures typically drive lower regional power demand and lower electricity prices.

Thursday, March 17, 2016 @ 05:03 PM gHale

There was an ammonia leak at Reddy Ice Company in El Paso, TX, that evacuated dozens of employees of a nearby baking company late Tuesday night, fire officials said.

There were no employees inside Reddy Ice, but workers at Flowers Baking Company of El Paso, were in the middle of their shift when they smelled a strong odor of ammonia, said El Paso Fire Department officials.

Chemical Hazards at NY Ice Maker
2 Killed in Ice Factory Blast
Haz-Mat Crews Secure Ammonia Leak
Smoky Fire at GA Chemical Plant

They called 911 and 41 employees evacuated the building around 11 p.m., said EPFD spokesman Carlos Briano. No one suffered any injuries.

A HazMat team arrived and prepared to enter Reddy Ice in white hazmat suits.

At 1:49 a.m. firefighters shut off all six ammonia valves and exited the building to undergo decontamination.

A second HazMat team entered the building to detect ammonia levels several times overnight.

“These HazMat incidents are a slow operation. Safety is of the utmost importance, so we are not going to rush the operation. We are going to take our time to make sure everything is safe,” Briano said.

At 5:07 a.m., employees of Flowers Baking Co. were able to go back inside and continue work.

Flowers Baking President Larry Baldwin was in Albuquerque on business when he learned about the incident. He drove to El Paso overnight and arrived while crews were still at the scene. Flowers Baking produces Sunbeam and Nature’s Own bread products inside the factory.

Baldwin said he was “very proud” of his employees for reacting so quickly. He added the employees have an evacuation plan in case of emergency.

Briano said it’s important all businesses have a plan in place when employees encounter unknown chemicals.

“They should evacuate, call 911. It’s a very dangerous (ammonia) substance.”

The fire department cleared the scene at about 6 a.m.

As for the bread produced at Flowers Baking, Baldwin said the company would scrap it for safety.

Monday, March 14, 2016 @ 04:03 PM gHale

An ammonia leak at a former frozen foods plant in Rheems, PA, forced the Haz-Mat crew to secure the building Thursday night.

A residual odor could linger but is not dangerous to residents, said Rheems fire Chief Charles Stanford.

Smoky Fire at GA Chemical Plant
Chemical Leak Injures One
GA Mill Blast Kills 1, Injures 5
Three-Alarm Fire at Chem Plant

“We had a huge plume over a large portion of Rheems so you could have a slight odor wafting in and out,” he said.

Fire units got the call to the former Agrifrost site, in the 100 block of West Harrisburg Avenue, to investigate an odor at 7:25 p.m.

Officials quickly discovered a large ammonia leak from the roof of the building and called in the county’s hazardous material team for assistance, Stanford said. The site is also the former Cope’s Corn property.

Officials evacuated the nearby Robinson ball field while residents ended up told to stay inside their homes.

Stanford said two employees inside the building ended up checked by medical personnel and were OK.

He said PA Growers LLC of Maryland just bought the facility and workers had been dismantling the chilling system when the leak occurred.

Stanford said company officials were on-site Thursday night.

The chief said medical personnel checked out several residents who reported not feeling well but said all checked out OK.

Wednesday, March 9, 2016 @ 09:03 AM gHale

A hardened perimeter used to be the way to ensure a secure network, but the new approach protects in an opposite manner, which is from the inside out.

Understanding a bad guy – whether it is external or internal – can break into a network if that is what he or she truly desires, a network needs to be secure at its core and then push security out toward the perimeter.

ICS-CERT BlackEnergy Report
Breach at IN Utility
Tracking ICS Threats Difficult
Attacks Grow in Oil and Gas

Joel Langill, operational security professional and founder of, uploaded a demonstration to show a real-world scenario of how an external threat would attack an industrial control system (ICS) using social engineering vectors to gain initial access to the enterprise network, and then utilize chained exploits to pivot his way through the networks, firewalls, and hosts to finalize compromise a PLC installed on an “supposedly isolated” network deep within the architecture.

This demonstration is the result of an analysis of vectors used by sophisticated attacks and advanced persistent threats including Stuxnet, Night Dragon, Duqu, and Conficker.

The first part of the demonstration walks you through the actual attack, while the second part discusses security controls a user could apply to create a defense-in-depth solution to stop similar attacks.

The information comes from data collected from several real-world security assessments of ICS networks and those networks that interconnect with the ICS.

Click here to view the demonstration.

Wednesday, March 9, 2016 @ 08:03 AM gHale

Toshiba launched its "Ultra HD" IP video surveillance camera, which can capture 4K video in 3840 x 2160 resolution at a rate of 25 frames per second.

Toshiba launched its “Ultra HD” IP video surveillance camera, which can capture 4K video in 3840 x 2160 resolution at a rate of 25 frames per second.

Toshiba Surveillance IP Video Products, a business unit of Toshiba America Information Systems, Inc., introduced its first “Ultra HD” IP video surveillance camera, the IKS-WB9518, able to capture 4K video in 3840 x 2160 resolution at a rate of 25 frames per second.

By offering Ultra HD resolution, the IKS-WB9518 provides the high level of detail required for an enterprise to more effectively watch for intruders, capture fast moving objects, monitor large expansive areas, and assist in collecting forensic evidence when a crime has occurred. Additionally, its deployment can reduce the number of conventional HD cameras needed by nearly 50 percent due to its ability to cover very wide spaces, such as retail parking lots. This significantly cuts overall system costs while lowering future maintenance needs.

“Adding four times the pixels into a video frame empowers security professionals to cover large areas as well as to zoom into the picture for amazing details without sacrificing quality, even at great distances,” said Greg Hartzell, director of Toshiba Surveillance IP Video Products. “The IKS-WB9518 also captures better facial recognition scans, and provides for improved content analysis in people counting or vehicle plate recognition.”

To deliver highly-consistent 4K sharpness across the entire frame, the IKS-WB9518 features digital wide dynamic range that optimizes image quality by adjusting the gamma (γ) value to enhance dark areas, and minimize image deterioration. It also leverages True Day Night imaging that filters out the Infra-Red for enhanced color images during day mode, yet provides all the advantages of a night vision camera in low light conditions down to 0.005 lux (B/W).

One of the chief concerns with 4K video is its large file sizes. The IKS-WB9518 integrates H.264 video compression, a technology that minimizes network strain with its efficient compression of video data. Multiple streams allow users to stream live video in 1080p HD on a standard monitor while recording it in 4K for later analysis. There is also a built-in microSD slot for edge recording to support cards with a capacity up to 64GB. This feature is invaluable in the event power ends up disrupted from the network switch or from the camera to an NVR.

The IKS-WB9518 is compact for mounting in tight spaces and it also employs PoE (802.3af) which eliminates the need to run power cables. ONVIF compliance enables seamless integration with compatible 3rd party IP equipment and video management software.

Click here for more information.