ICS Cyber Security

New Detection Technologies: Ouija 2.0 takes care of Critical Infrastructure

On my last post in the CCI Blog, I described how American Water Works Association Cyber Security Framework didn’t addressed the detection Cyber Security events measures for these control systems.
Today I have seen a good tweet (as always) from our colleague Joel Langill (@SCADAhacker)  advising about a new Tripwire studyon Critical Infrastructure.  In their study they stated than “86% energy security professionals believe they can detect a breach on critical systems in less than 1 week, and suddenly I remembered the last CCI report on Industrial Cyber Security for Spain in 2015. According to that report, these were the Cyber Security solutions deployed on those Networks:

As you can see, SIEM, log correlation, IDS and IPS technologies are not very popular on such organizations, so questions are:
  •        Who has responded in the Tripwire survey? (Surely not Spanish Industrial companies)
  •         If you are not monitoring cyber security events, how can you detect them?
  •        Why Duqu 2.0 has been hitting ?
The only rational response to this astonishing detection rate of 86%  is …….  Ouija !!!! (Of course, version 2.0 with snmp and syslog support)
You must sign in to rate content.


There are no comments yet for this post.

Leave a Comment

You must be logged in to post a comment.