We are no longer updating the digitalbond.com site. All new content is being loaded on dale-peterson.com. So head over there for the latest videos, podcasts and blogs. We will retain this site for a while and then point digitalbond.com to dale-peterson.com

I had the pleasure of interviewing Dan Geer on the S4x18 Main Stage for 30 minutes. He typically speaks from prepared papers, so an interview is a bit unique, and his papers provided plenty of topics and questions. http://traffic.libsyn.com/unsolicitedresponse/Dan_Geer_Interview.mp3 We covered a wide range of issues including: Risk: The impact of c...

S4x18 was a big success, in my eyes, and a huge amount of work. A major web site update planned for December 1st shifted to January 1st and then post S4. We will have the new site up on January 31st. This is why you are not seeing new articles here, but I'd encourage you […]

This episode begins with a 10 minute monologue from Dale Peterson on why demonstrations of insecure by design, no SDL and modifying physical processes is not particularly interesting for the advanced ICS security audience … and why it is still important. Then we play Dale Peterson's interview with Steve Bitar of ExxonMobil on the Open Process...

We, the ICS community, have some mantras: It will take decades to fix the ICS security problem Operations Technology (OT) is different than Information Technology (IT) You can't do X, Y or Z in ICS because … which is followed by a variety of reasons such as the system can't go down, we can't introduce […]

Dale Peterson interviews Rob Lee, founder and CEO of Dragos – SANS 515 Creator – former SCADA Diva – Chief FUD Debunker – …, focusing on how an asset owner should select an advanced IDS detection solution from a crowded market of 25+ new offerings. http://traffic.libsyn.com/unsolicitedresponse/rob-lee.mp3 Here is a bre...

Joel Langill, aka the SCADAHacker, joined me on the Unsolicited Response podcast to discuss ICSsec training and workforce development. Joel is the Director of ICS Cybersecurity at AECOM, see http://www.aecom.com/solutions/converged-resilience/. He also runs the popular ICS security website https://scadahacker.com/ , and details on the training he d...

Rebooting the Unsolicited Response Podcast was one of my 2017 goals, and I didn't want it to be one and done. So I recorded a number of them before issuing this first episode so you can expect at least one a month. (Episode 2 is with Joel Langill, aka SCADAhacker). If you have any suggestions […]

Goal: Help Owner/Operators select the best anomaly detection solution for their ICS. It sounds simple, but after getting numerous demos and pitches from vendors, the almost unanimous contention from each vendor was that their solution was the best. Why? Because they go deeper, understand the protocol, system or user better than the competition, who...

It's not getting better, and the number of vendors offering ICS anomaly detection solutions continues to grow in numbers and angel/venture funding. How is an asset owner to determine what anomaly detection approach, if any, is right for them? The first decision points are simple: Are you ready for ICS anomaly detection? If your ICS […]

ICS Industry Pioneer and Expert Eric Byres of ICS-Secure reports on the RSA Conference last week. I just returned from the RSA Conference 2017 in San Francisco, after a five year hiatus. If you are not familiar with the RSA Conferences, they are one of the largest cyber security events in the world, with a reported 40,000 […]

Learn More and Register For S4x17, Jan 10-12 in Miami South Beach We have learned in recent years to leave a slot or two for late breaking attacks on ICS or hot research in the S4 agenda. Ukraine has helped fill this spot now for the second year in a row. We know that something […]

2016 was a turning point with secure ICS protocols. For a while it was limited primarily to OPC UA and DNP3 SA, but 2016 brought us a secure version of CIP / Ethernet/IP, Secure Modbus and a couple of others that will soon be unveiled. This should be enough critical mass to force the other protocol […]

Register for S4x17 now! Ticket Block 151 – 200 on sale now for $1,395. First – Reid provided me with the official Killer Robots, Inc logo. Second – My thoughts on who should consider participating in the S4 ICS CTF. A person with hacking skills, but little experience in ICS. The flags will give you […]

There are two sessions at S4x17, Jan 10-12 in Miami South Beach, covering actual ransomware incidents in ICS. Marcelo Branquinho of TI Safe will go over two case studies that occurred in South America on the Main Stage, and RSA will discuss an ICS ransomware case in the US that also involved the FBI. All […]

We wanted to do it at S4x16, but couldn't get it done. It's going to happen at S4x17. A South Florida High School Class will go through two days of hands on automation and security training with Matthew Luallen and the CybatiWorks kit, and then 12 of the students and their teacher will come to the […]

OSIsoft is back again as a S4xCTF sponsor, and they are bringing back Killer Robots, Inc. with new and unsolved flags from last year. Enter Harry Paul of OSIsoft to give you some information and hints to help you get some of the PI System related flags in the S4x17 CTF. The S4x17 Killer Robots […]

See the S4x17 Agenda and Register Now We had a number of sponsors at S4x16 complain that few of the 300 attendees came to their talk, although a few were standing room only. So this year we were blunt, your sponsor session is competing against quality content on the Main Stage and Stage 2: Technical Deep […]

Submit and Vote on Questions for Justine Bone of MedSec I am pleased to announce that Justine Bone of MedSec agreed to an interview on the Main Stage at S4x17. Vulnerability disclosure is and has been a contentious topic in ICS. I generally don't write much about it because the person or organization that finds […]

Check out the S4x17 Agenda At A Glance and Register Now The industrial firewall and ICS anomaly detection markets are getting very crowded. The industrial firewall market is older, but it is still expanding both in specialized ICS firewalls and enterprise firewalls adding ICS protocol support. The ICS anomaly detection market has exploded with a ne...

One of the nastiest aspects of the attack on the Ukrainian Electric Distribution System was bricking the Moxa Ethernet-to-Serial gateways. Industry insiders have known these little devices were a security problem. Reid goes over the timeline when it was disclosed to Moxa prior to Ukraine, their public promise to fix it by August 2016, and […]

After two years establishing and running Digital Bond Labs, Reid and I have decided that it makes more sense to run this as a stand alone business. So I have the honor to be the first to announce and congratulate Reid on his new company: RevICS. In all candor I've been surprised that the synergies […]

We have been preparing some new and interesting challenges for the S4 CTF this year, and I think that players will have a lot of fun with what we have in the works.  We have a number of nice challenges that involve breaking and entering into our ‘Killer Robot Factory’ (players from last year’s CTF […]

There are two weeks left to submit your session proposal for the S4x17 Main Stage or Stage 2: Technical Deep Dives. Take a look at the Call For Presentations and submit this month. Subscribe to The S4 Events YouTube Channel This S4xVideo is a great example of what we try to do on Stage 2. Jalal […]

This guest post is by Michael Toecker of Context Industrial Security and a Digital Bond Alumnus. It first appeared on the SCADASEC list. I thought it was great, and Michael kindly allowed us to post it here. The world isn't about just the process anymore, it's not just about moving water from A to B, or […]

  Way back at S4xJapan, 2015, Labs did a small research project on DNS domain squatting.  We never thought that it would amount to much in terms of press, but did think that would be a useful talk to spur vendors into action before it was too late. Already we have discovered some very popular […]

Today through August 31st the S4x17 Call For Presentations is open. It is the place to present advanced topics in ICS and related fields to an audience will get it. The process is real simple. Send an email with 2 or 3 paragraphs on your session idea to s4@digitalbond.com. We evaluate session proposals as they […]

Tomorrow we will be officially opening the S4x17 Call For Presentations (CFP), so I thought it would be the perfect time to highlight one of the S4 Classics to show what a S4 Technical Deep Dive looks like. Watch how Ralph goes through the code/logic in detail so you can see the key features of Stuxnet, […]

A great 22 minute presentation by Ralph Langner of The Langner Group at S4x16. He provides some very specific examples of a cyber / physical attack on nuclear power plants. For example, a cyber attack on all of the feedwater systems. What is the key to this type of attack? Studying the design plans, particularly […]

We decided to put the IRONGATE video from last week's S4xEurope out first. There is no new big reveal over the information put out in the FireEye article, but Rob provides a lot of context that makes it easier to understand. He also focuses on unanswered questions and a comparison to Stuxnet. If this is […]

General Hayden gave the Day 1 Keynote at S4x16 and really brought it. He had strong and often controversial opinions that were well defended. He pointed out where he disagreed with President Obama, FBI Director Comey and most of Europe. Check it out below or on our new S4 Events YouTube Channel. Viewing Notes: After a bit […]

Billy Rios of Whitescope gives a classic S4 Technical Deep Dive on a medical device called an Infusion Pump at S4x16 in Miami South Beach. He opens them up, shows the hardware, connections between boards, attack paths, default credentials, rogue firmware upload and more. Billy goes over three different infusion pumps. 3:00 Hospira PCA 14:40 […...

I had the chance to interview Marty Edwards who leads the ICS cyber security effort at the US Department of Homeland Security (DHS). The first 6 minutes introduce Marty and clarify what ICS-CERT does (it's much more than a CERT). 6:50: What are ICS-CERT's goals / metrics / measures of success? 9:05: What is the […]