Discussions around electric grid cybersecurity in 2016 have already started off with a lot of buzz, with two important industry developments in play.
The first is around the NERC CIP regulation. With just a few months left until the NERC CIP version 5 enforcement deadline of April 1, 2016, many utilities subject to the regulation are scrambling to put their remaining provisions in place to ensure that they meet their compliance obligations. We’ll know soon enough how the industry fares. However, if that weren’t enough on the regulatory side, on January 21, FERC released Order 822, which basically explains how they approved version 6 of the NERC CIP standards. It’s a bit too much to get into the details of Version 6/Order 822 here; but, basically, new compliance considerations have emerged around supply chain security, transient electronic devices, inter-control center communications, remote access, and low-impact external routable connectivity (LERC). Phew! It’s clear utilities will be very busy in 2016 on the compliance side.
Sit back and relax. Let us do the information gathering and give you the channel scoop.
- Get a sneak peek into the all-new Ignite 2016. As a reminder, you can help your customers save money on their Ignite 2016 passes while you earn credit for the Sell 10, Get 1 Free promotion. Check out the Ignite 2016 Partner Kit for the latest partner information on this event.
Most custom backdoors used by advanced attackers have limited functionality. They evade detection by keeping their code simple and flying under the radar. But during a recent investigation we found a backdoor that takes a very different approach. We refer to this backdoor as T9000, which is a newer variant of the T5000 malware family, also known as Plat1.
In addition to the basic functionality all backdoors provide, T9000 allows the attacker to capture encrypted data, take screenshots of specific applications, and specifically target Skype users. The malware goes to great lengths to identify a total of 24 potential security products that may be running on a system and customizes its installation mechanism to specifically evade those that are installed. It uses a multi-stage installation process with specific checks at each point to determine whether it is undergoing analysis by a security researcher.