Network Forensics Tracking Hackers Through Cyberspace
Wired for War: The Robotics Revolution and Conflict in the 21st Century
Blogs / News -
The Startup - The Strategic Seventeen: Zero Trust -
Developed a decade ago, the Zero Trust framework has recently gained more attention due to the collective castle walls of many organisations crumbling and the owners of information systems and data becoming usurped by malicious entities. There is plenty of proof and anecdotal evidence to assure us that cybersecurity incidents are a matter of “when” and not “if”. When you look at it, threat actors tend to come in three varieties: Malicious Outsiders, Malicious Insiders, and Well-Intended Insiders.The Startup - The Essential Eight -
In February of 2017, The Australian Signals Directorate (ASD) Australian Cyber Security Centre (ACSC) published an update to their “Top 4” Strategies to Mitigate Cyber Security Incidents by revising the list to include four more crucial strategies. The “Essential Eight” has received considerable attention over the past several years although I have encountered many organisations that are unsure where to begin. In this article, I will try to give you a bit of a kick-start to help you get going in the right direction. You are not alone…. if you need help, please ask for it since we’re all on the same side!
The original ASD/ ACSC Top 4 included Application Whitelisting, Patching Applications, Restricting Administrative Privileges, and Patching Operating Systems. The Essential Eight now includes those four plus Disabling Untrusted Microsoft Office Macros, Using Application Hardening, Multi-Factor Authentication, and Daily Backups of Important Data.Hack in the Box - How to Clean and Disinfect Yourself, Your Home, and Your Stuff -
The Economist - China goes back to work -
Officials boast that things are almost normal again. Fully 98% of all listed companies have resumed work, says the securities regulator. Around the country 89% of big investment projects, from airport expansions to the laying of gas pipelines, are also under way, according to a planning commission. “Roaring Chinese factories in full swing”, Xinhua, a state news agency, proclaimed on March 21st.
The reality is less exuberant. When any measure becomes an official target, it is susceptible to distortion—a phenomenon known as Goodhart’s law. It has been amply demonstrated in China over the years. In this case an obsession with the “work resumption rate” has invited fiddling. Some low-level officials have told firms to embellish their recoveries, reports Caixin, a magazine. To prevent such trickery, the central authorities started checking electricity data. The logical next step? Some companies were told to consume more power by turning on idle equipment.
Wikipedia - HART Protocol -
The HART Communication Protocol (Highway Addressable Remote Transducer) is a hybrid analog+digital industrial automation open protocol. Its most notable advantage is that it can communicate over legacy 4–20 mA analog instrumentation current loops, sharing the pair of wires used by the analog-only host systems. HART is widely used in process and instrumentation systems ranging from small automation applications up to highly sophisticated industrial applications.
According to Emerson, due to the huge installation base of 4–20 mA systems throughout the world, the HART Protocol is one of the most popular industrial protocols today. HART protocol has made a good transition protocol for users who wished to use the legacy 4–20 mA signals, but wanted to implement a "smart" protocol.
The protocol was developed by Rosemount Inc., built off the Bell 202 early communications standard in the mid-1980s as a proprietary digital communication protocol for their smart field instruments. Soon it evolved into HART and in 1986 it was made an open protocol. Since then, the capabilities of the protocol have been enhanced by successive revisions to the specification.
Summary of Modbus, DNP3 and HART
I am going to keep posting these little summaries until I have covered the following protocols:
EthernetIP / Common Industrial Protocol
mainly because my GICSP is up for renewal this year and this just helps me refresh