Darian Slywka Articles

1. Water Cybersecurity: ‘Dragonfly’ Prompts Lockdown Of Windows-Based Industrial Control Systems 7/10/2014

   With the most recent cyber espionage campaign of the “Dragonfly” group publically identified as having used various malware tools including Havex (Backdoor.Oldrea) and the Energetic Bear RAT (Remote Access Tool), now is the perfect opportunity to harden those Microsoft Windows-based industrial control systems (ICS).

2. Water Cybersecurity: Encrypt, Encrypt, Encrypt! 3/28/2014

   No cybersecurity program is 100 percent secure. To expand that thought, no electronic communication can be 100 percent secure. Any vendor that publicizes or offers a guarantee should be immediately looked at with skepticism.  However, as system owners and operators, it is your responsibility and that of your colleagues to reduce the attack vectors in your system to the point that it requires too many resources for potential adversaries to continue looking for vulnerabilities – whereas they can find an easier target elsewhere.

3. Water Cybersecurity: Alarming, Autodialers, And The Resistance To Change 2/21/2014

   It is 2:00 AM on Saturday morning. It is a cold, frigid night. The booster station maintaining water pressure within the distribution system has unexpectedly shut down. The autodialer checks for a dial tone, then calls the first standby operator and plays the prerecorded message, “Booster Station Shutdown Alarm” it repeats, “Booster Station Shutdown Alarm,” “Press 1 on your touch-tone phone to acknowledge this recording.” The operator presses the 1 key on his phone. A potential outage is likely. Customers will be disrupted. The operator has no idea what has happened, or the appropriate tools to bring to the solution.