Yesterday the DHS ICS-CERT published the latest version of their ICS-CERT Monitor. Lots of DHS ‘corporate’ type news in this issue, but nothing about any industrial control system incidents.
The opening article, which usually describes a recent incident, provides an overview of what types of services ICS-CERT provides when responding to a control system security incident. I had really been hoping to see some more details about the Navis WebAccess problem that resulted in an alert, an incident response alert and an advisory back in August. This was apparently a very limited in application (very small number of systems) incident, but it was an SQL injection attack on a maritime control system in the wild.
Other corporate news included:
• Presidential Policy Directive on Cyber Incident Coordination;
• US-CERT Portal moving to HSIN, changing name in Fall 2016;
• CSET 8.0;
• ICSJWG Fall 2016 Meeting preview;
• NCCIC team wins 1st Place at FIRST Conference in Seoul; and
• ICS-CERT Training pursuing status as accredited provider of Continuing Education Units;
For those readers that really pay attention to ICS-CERT operations, this issue does provide some interesting information. But, if you were hoping to learn something about industrial control system security issues, this is probably a waste of time.