SANS Industrial Control Systems Security Blog: Author - tgutierrez

Triton/TriSIS - In Search of its Twin

Post provided by: Michael Assante, Director of Industrials and Infrastructure and SANS ICS & SCADA Lead at SANS Institute The recent discovery of ICS-specific malware which targets Schneider Electric's Triconex Safety Instrumented Systems (SIS) with demonstrated capability of modifying system logic/programing, should prompt us to ask, "What is missing here?" Is the malware known … Continue reading Triton/TriSIS - In Search of its Twin


Pictures and Theories May Help, but Data Will Set Us Free

This blog post was written by Tim ConwaySANS Technical Director - ICS/SCADA Programs. In reviewing the open source information available on the most recent Ukraine activity, I have seen numerous references to either a device failure or a cyber-attack as being the leading theories behind the recent electric system event. As the asset owner conducts … Continue reading Pictures and Theories May Help, but Data Will Set Us Free


How do you say Ground Hog Day in Ukrainian?

This post was written by Michael J. Assante, SANS ICS/SCADA Lead and Tim Conway SANS Technical Director - ICS/SCADA Programs. Around this same time last year, as many of us were preparing to enjoy our winter holidays with family and friends, exchanging gifts and eating entirely too much food, the cybersecurity community began learning of … Continue reading How do you say Ground Hog Day in Ukrainian?


Microsoft's New Patching Models will Cause Havoc for NERC Registered Entities

In May 2016, Microsoft announced a change to how updates for Windows 7 and 8.1 systems would be offered. That change made available "Monthly Rollups" that allow all previously released non-security updates to be installed in a single installation update. This week, Microsoft announced a revision to the previously reported plan in that the … Continue reading Microsoft's New Patching Models will Cause Havoc for NERC Registered Entities


NERC CIP Continues to Grow and Adapt

Today, FERC announced the approval of Order 829 directing NERC to develop a Reliability Standard addressing "supply chain risk management for industrial control system (ICS) hardware, software, and computing and networking services associated with bulk electric system operations." Imposing requirements on entities to secure the supply chain will present a significant challenge and I'm anxious … Continue reading NERC CIP Continues to Grow and Adapt