Mass murder by pacemaker hacking isn’t the likeliest scenario, but clinical tools and SCADA devices still deserve serious security scrutiny.

In fact, the real interest of the document lies in the extensive overview (12 closely-typed pages without graphics and such) of the DHS view of its own cybersecurity mission.

“Infrastructure Attacks: The Next Generation?” now includes the speaker notes, which hopefully makes it more interesting and useful.

Greetings, my faithful fans. Did you miss me? I've just had a restful week hiding from the Internet in a remote cottage in Devon, which is why I've been uncharacteristically quiet. Before that, though, I had an interesting and useful week in London mostly centred round the Infosec Europe expo, where apart from wall-to-wall meetings

Kelly Jackson Higgins in a Dark Reading article tells us that Malware Attacks Decline In SCADA, Industrial Control Systems, quoting a report published by the Security Incidents Organization drawing on its Repository of Industrial Security Incidents (RISI) database. One aspect that’s attracted attention on specialist lists is the mention of a large US power company

Added to the resources blog at http://blog.eset.com/2011/01/03/stuxnet-information-and-resources: Report of a Stuxnet-unrelated vulnerability in SCADA software A speculative cyberwar link Some links on Iranian post-Stuxnet "cybermilitia" recruitment. http://www.itworld.com/security/133469/iran-responds-stuxnet-expanding-cyberwar-militia http://blogs.forbes.com/jeffreycarr/2011/01/12/irans-paramilitary-militia-is-recruiting-hackers/?boxes=financechannelforbes David Harley CITP FBCS CISSP

…Eric Chien … tells us that “Stuxnet requires the industrial control system to have frequency converter drives from at least one of two specific vendors…”

This is an item you may not have seen amid all the speculation about Stuxnet, Iran and Israel.

…we have just published a lengthy analysis that considers many of these questions, as well as discussing some of the characteristics of this fascinating and multi-faceted malicious code. The report is already available here, and will shortly be available on the ESET white papers page.

There have been recent articles with fantastic titles such as “New threat: Hackers look to take over power plants” and “Hackers Target Power Plants and Physical Systems” in the wake of the Stuxnet worm that targeted certain industrial control systems (ICS). The reality is that hackers targeting ICS is nothing new. I am not clear