![]() Don's previous experiences include large-scale incident responseĮfforts for organizations with international assets and interests, theĬertification and accreditation of classified federal and military Security, LLC, an information security consulting company based in Weber is the Principal Consultant and Founder at Cutaway Join to be a part of this discussion and interact with other ICS implementers and ICS security professionals. Further discussion about this topic, and other ICS subjects, are currently happening in the SANS ICS Community forum. It contains information about what is currently known, the technologies involved, and details teams should consider when investigating and responding to these types of events. In addition to this discussion, the SANS ICS team has produced a downloadable outline of the Oldsmar, FL Water Facility Event that can be used by teams to understand and discuss the situation. differences between IT incident response and ICS incident response that are important during these types of events.roles of vendors, integrators, and process owners in defining and implementing security requirements and controls, and.cost of changes to applications, controllers, and physical deployment of process assets,.the physical limitations often implemented within processes that can prevent an attacker’s process modification,.the common configuration issues related to HMI, controllers, and physical implementation that increase risk to the process,.how process personnel receive notifications / alerts and common response actions,.the situation and actions that can lead up to configuring external access to a process,.In the ICS Hot Take: Oldsmar, FL Water Facility Event Youtube video, the team focuses on Weber, gathered to discuss interesting points raised by this event. To this end, a panel of the SANS ICS team, composed of Jason Dely, Jeff Shearer, and Don C. However, this event does provide us the opportunity to help the public, leaders, operators, administrators, and information security professionals understand the complexities involved with operating and securing process environments like the Oldsmar, FL Water Facility. ![]() Ĭurrently, there is limited information about this event which is not enough to discuss specific points related to the facility’s recovery efforts, incident response steps, or their cybersecurity program. The Cybersecurity and Infrastructure Security Agency (CISA) provides an initial account of this situation in. This activity was detected by a water facility operator and the levels were quickly reset to the normal levels. These actors used this access to modify the sodium hydroxide levels of the water treatment process. On Februa Human-Machine-Interface (HMI) at the Oldsmar, FL Water Facility was accessed by unauthorized actors through remote desktop software that was exposed to the internet. Immediately apply the skills and techniques learned in SANS courses, ranges, and summits
0 Comments
Leave a Reply. |