If you are an InfraGard member, they are sharing a great, no cost, online training opportunity provided by the U.S. Department of Homeland Security Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). The ICS-CERT works to reduce risks within and across all critical infrastructure sectors. The Virtual Learning Portal (VLP) provides online training for those involved in the security of Industrial Control Systems (ICS). Please sign in to register for free VLP courses: https://ics-cert-training.inl.
The Cloud Security Alliance (CSA) released its first ever research and guidance report on connected vehicle security. Authored by the CSA’s Internet of Things (IoT) Working Group, “Observations and Recommendations on Connected Vehicle Security” provides a comprehensive perspective on vehicle security connectivity design, possible attack vectors of concern, and recommendations for securing the connected vehicle environment. [via Help Net Security]
In an interesting turn, Hajime is a vigilante-style project intended to disrupt Mirai and similar IoT botnets.
Think about it. We’ve been sending spacecraft into orbit and beyond for 50 years. Information security was not a primary concern. Many of these systems are IoT devices, in practice, and they won’t all have strong authentication processes or be updatable, so what is the impact if someone hacks a NASA probe? NASA chief has big concerns.