Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Security Government IT

Stuxnet Expert Dismisses NIST Cyber Security Framework, Proposes Alternative 32

Posted by timothy from the he-did-it-his-way dept.
An anonymous reader writes "Ralph Langner, the security expert who deciphered how Stuxnet targeted the Siemens PLCs in Iran's Natanz nuclear facility, has come up with a cybersecurity framework for industrial control systems (ICS) that he says is a better fit than the U.S. government's Cyber Security Framework. Langner's Robust ICS Planning and Evaluation, or RIPE, framework takes a different approach to locking down ICS/SCADA plants than the NIST-led one, focusing on security capabilities rather than risk. He hopes it will help influence the final version of the U.S. government's framework."
This discussion has been archived. No new comments can be posted.

Stuxnet Expert Dismisses NIST Cyber Security Framework, Proposes Alternative More

Stuxnet Expert Dismisses NIST Cyber Security Framework, Proposes Alternative

Comments Filter:

  • Re:Why not do what experts have recommended? (Score:4, Informative)

    by mlts ( 1038732 ) * on Thursday September 05, 2013 @02:58PM (#44767969)

    In the early to mid 1990s, intrusions did happen, but it would take some doing because someone on DECNet would have to take some doing to jump to a machine on a private x.25 network.

    These days, I've wondered about following the US government's lead with SIPRNet and NIPRNet, and having a "BIPRNet", which would be a switched network using leased lines among companies. Unless access between two machines was prearranged in advance, the boxes will not be allowed to connect to each other or forward packets. For security, the machines either share a symmetric key (like WPA2-AES-PSK), or are paired using public keys similar to Bluetooth pairing. This gives two layers of security. First, the core switch would have to be compromised to allow a third machine to connect, and then both machines would have to be compromised so they would bother interacting with the third machine and not ignore it outright. It isn't perfect, but it would be far stronger for B2B communications than the usual VPNs or SSL/TLS which can be hijacked by compromised CAs.

    This won't replace the Internet by any means, but will provide a way for businesses or internal departments to communicate that is highly resistant to mass IP probing and other attacks.

  • Re:Why not do what experts have recommended? (Score:5, Informative)

    by spacefight ( 577141 ) on Thursday September 05, 2013 @03:15PM (#44768095)
    Not to forget that ther was an air grap at Natanz - so we're talking about more than just shutting off nodes access to the net.

    Stuxnet, as an example, bridged the air gap multiple times via infected USB keys...

Slashdot Top Deals

All I ask is a chance to prove that money can't make me happy.

Close