WhitePapers
This is an archive for WhitePapers.
Monday, February 20, 2012 @ 03:02 PM gHale
Software Restriction Policies (SRP) enables administrators to control which applications are allowed to run on Microsoft Windows.
SRP is a feature of Windows XP and later operating systems. A user can configure it as a local computer policy or as domain policy using Group Policy with Windows Server 2003 domains and later. Using this guide, administrators can configure SRP to prevent all applications in their domain from running except applications they explicitly allow.
Utilizing SRP as an application whitelisting technique significantly increases the security posture of the domain by preventing many malicious programs from executing.
Click here to find out more and to read the white paper.
Monday, February 13, 2012 @ 12:02 PM gHale
Utility cyber security is in a state of near chaos. After years of vendors selling point solutions, utilities investing in compliance minimums rather than full security, and attackers having nearly free rein, the attackers clearly have the upper hand. Many attacks simply cannot be defended. Pike Research has observed a dawning awareness by utilities and vendors during the past 18 months of the importance of securing smart grids with architecturally sound solutions. There is hope.
However, cyber security solutions remain challenging to implement, especially as attackers gain awareness of the holes between point solutions. Security vendors have finally found time to focus on industrial control system (ICS) security, not only advanced metering infrastructure (AMI) security – although a few security vendors have focused on ICS from the outset. The utility cyber security market will be characterized by a frantic race to gain the upper hand against the attackers, while at the same time strong competitors attempt to outdo each other.
This paper looks at seven key trends in smart grid cyber security.
Thursday, February 2, 2012 @ 04:02 PM gHale
For the moment, the “bad guys” have the upper hand – whether they are attacking systems for industrial or political espionage reasons, or simply to steal money – because the lack of international agreements allows them to operate swiftly and mostly with impunity. Protecting data and systems against cyber attack has so far been about dousing the flames, although recently the focus has been shifting towards more assertive.
The preparation of this report has been greatly helped by Robert Lentz’s framework for measuring levels of cyber-security in governments and private companies. Lentz is President and Chief Executive of Cyber Security Strategies, and has 34 years’ experience working for the U.S. government. His Cyber Security Maturity Model explains the five stages toward resilience against cyber-attack, through conventional threat to advanced persistent threat, and was used as the measurement tool for our country-by-country stress test in the second part of the report.
Even if everyone accepts the need for standards, rules, laws, codes of conduct and maybe even a global treaty to protect cyber space against cyber crime, not everyone agrees on how to get there. The debate is also about who should make the rules, and to what extent dominance by the military is a good or a bad thing. The fact that cyber-space knows no borders implies that cyber security is only as good as its weakest link, and that something must be done about unregulated countries that can offer a haven for cyber-criminals.
Click here to view the entire white paper.
Wednesday, January 25, 2012 @ 05:01 PM gHale
Under the direction of the Federal Energy Regulatory Commission (FERC), the North American Electric Reliability Corporation (NERC) is charged with enforcing reliability standards for the Bulk Electric System (BES) in North America. Reliability standards for the BES are created under NERC’s supervision by an industry-driven process. Both physical security threats and cyber security threats are regarded as threats to the reliability of the BES, and as a result a set of Critical Infrastructure Protection (CIP) security standards have been adopted.
In December of 2011, NERC issued Compliance Application Notice (CAN) 0024 “CIP-002 R3 Routable Protocols and Data Diode Devices.” The purpose of a CAN is to provide guidance to auditors who evaluate industry compliance with CIP reliability standards and who make findings that can lead to enforcement actions and monetary fines. CAN-0024 provides instruction for assessing whether the communication characteristics of data diode devices can be used to exclude cyber assets from consideration as Critical Cyber Assets (CCA) when a routable protocol is used when not at a control center.
The following white paper details how to apply NERC-CIP CAN-0024.
Thursday, August 4, 2011 @ 12:08 PM gHale
Is it new or is it just garnering more attention? At any rate, over a 5-year period, there was a series of cyber attacks on the networks of 72 organizations globally, including the United Nations, governments and corporations.
To read the McAfee white paper, please click here.
Thursday, July 7, 2011 @ 03:07 PM gHale
This document provides an overview of the Win32/Rustock family of rootkit-enabled backdoor trojans.
The document examines the background of Win32/Rustock, its functionality, how it works, and provides threat telemetry data and analysis from calendar year 2010 through May 2011. In addition, this document details the legal and technical action used to take down the Rustock botnet and how to detect and remove the threat using Microsoft antimalware products.
Thursday, March 31, 2011 @ 04:03 PM gHale
With the advent and evolution of functional safety standards in North America and Europe, UL is now offering a UL Functional Safety Listing Mark that can be added for those qualifying companies in the process of getting a traditional Listing from UL.
A host of factors are driving the demand for functional safety evaluation among equipment and device manufacturers. Principal among these are customer requirements, market acceptance, competitive advantage, legislation, regulations, trade unions, and insurance companies.
For more information, go to this Underwriters Laboratories white paper.
Monday, March 21, 2011 @ 01:03 PM gHale
Following its discovery in June 2010, the Stuxnet worm caused a worldwide sensation. It is the first publicly known rootkit attack targeted at industrial plants. It has infected tens of thousands of PCs, and abused and manipulated automation software running on Windows operating systems. Its ultimate purpose: To infiltrate malicious code into the controllers of specific real-world industrial installations.
Experts have long warned that malware and insufficient IT security pose a threat to automation networks, but Stuxnet offers concrete proof these threats can no longer be ignored.
The following Phoenix Contact white paper discusses how to boost security against Stuxnet-like attacks and reduce their associated risks.
Friday, February 11, 2011 @ 05:02 PM gHale
Hackers who appear to be in China have conducted a coordinated campaign of cyber espionage against major Western energy companies, according to a report from cyber security firm McAfee.
The following white paper shares the details from the McAfee report.



