Home » Research  |  IT vs OT |  When Facing The Insider Threat What Happend | Free Software vs Open Source | ask me |

Priscilla Felicia Harmanus · 1993 from the Netherlands · Last update: 7 juni 2020

 

Do you know the signs of suspicious activity? Find out. Recognizing and Dealing With Suspicious People

The Signs Of Suspicious Activity | You are here: e-waste | If You SEE Something - SAY Something | There is no cloud - it's just someone else's computer - switched to linux | GNU is not Unix by Priscilla

This website focuses on human knowledge and cyber security awareness in the Industrial control systems and explains the gap and the differences between IT and OT environments and why this information is critical and important. This study focuses on the threat to Industrial Cyber Control Systems in small businesses and startup companies in the digital information age of today.  gpl open source software in self driving cars  Read the full story: How It Is When Facing The Insider Threat.

Technology exists to make our lives easier. 

At least, that is what we should be using technology for. Time and time again I come across devices or software that completely fail in this regard, either by poor design, or even intentionally. Devices these days seem to be designed to market to people, to limit what you can do with a device because some big company wants it that way, or just hacked together.

politics, free software, community, proprietary communication systems, licenses, distributors, proprietary producers, vendors, developers, manufactures, source code, programmers, compiler, critical infrastructure, transportation, crucial, information, piping and switches, a, b, who gets what, where, when, how and what price, job, power, knowledge, monopoly, measuring, improvement, stand alone, network, services, political purposes built computer user program freedom free speech open closed trust openness

This page provides a broad overview of resources and articles within the various sectors for research. Most of these are technical, political, industrial, commercial and philosophical. These links are collected because it might be useful in the future. If you come across a dead link, please help me by sending an email to invitation.beta.only@gmail.com, containing the link. You can also use the Internet Archive Wayback Machine.

Deze pagina bevat een brede overzicht van resources en artikelen binnen de verschillendsectoren voor onderzoek. Meeste daarvan zijn technischpolitiekindustrieelcommercieel and filosofisch. Deze links worden verzamelt omdat het eventueel nuttig kan zijn voor in de toekomst. Als je een dode link tegenkomt, help je mij door een mail te sturen naar invitation.beta.only@gmail.com, met vermelding van die link. Je kan ook het Internet Archive WayBack Machine gebruiken

Energy Sectors | Attack | Government Sectors | exploits | Insiders | Financial Sectors | Social Engineering | Spear Phishing | Critical Infrastructure Security and Resilience | Cyber Systems | IT/OT convergence to start-up companies and small business | IoT | Telecom | Data | Information | Networking | Communication | Threat | Chemical, Commercial Facilities, Communications, Critical Manufacturing, Dams | Terrorism | the Defense Industrial Base | Zero day exploit | Emergency Services, Energy, Financial Services | Big Data | Food and Agriculture | Stuxnet aanval | Government Facilities, Healthcare and Public Health, Information Technology, Transportation Systems, Water and Wastewater Systems and Nuclear Reactors, Adversary, Materials, and Waste | Advanced Persistent Threat | IT - OT | ICS/SCADA | Human error | proprietary | free software movement | open source movement | ubuntu developers | license agreement | Critical Infrastructure includes utilities like gas, water, electricity, oil, communication and finance -  Financial -  Multinationals Intelligence - Telecom -  Water -  Nuclear -  Energy -  Harbour -  Airport -  Managed Service Providers -  Health -  Insurance - Information Diving - Identity Theft

 

Insider threat tactics - attacks for ICS/SCADA IT/OT    YouTube

 

Mechanical/Electrical Problwm

 

Intelligence Agencies | Crypto Museum | Overview of intelligence and law-enforcement agencies

This page contains an non-exhaustive overview of the various intelligence and law-enforcement agencies in the world. If possible, a link to their website or to Wikipedia is provided. The list is by no means complete and is only intended as a placeholder for information about agencies that are of interest in relation to cryptography or to other subjects featured on this website.


Home » Research  |  IT vs OT |  When Facing The Insider Threat What Happend | Free Software vs Open Source

 
World's Biggest Data Breaches & Hacks   Information is Beautiful
Select losses greater than 30,000 records
Last updated: 1st April 2020


Cisco » Securing IoT | IoT beveiligen 
Fortinet » Solutions » Security » Securing Critical Infrastructure with Fortinet | Security Solutions for Industrial Control Systems
IBM » Security » Operational Technology | Operational technology security in the age of digital transformation |
SCADA and industrial control systems are increasingly vulnerable to cybersecurity attacks as they become more connected
NIST » Information Technology Laboratory » Computer Security Research Center » TOPICS » APPLICATIONS » industrial control systems ICS
Shodan
 » Industrial Control Systems On The Internet | ICS

International Electrotechnical Commission (IEC)
International Standards and Conformity Assessment for all electrical, electronic and related technologies
Technology Sectors » EMC explained | Electromagnetic Compatibility

Ubuntu » Ubuntu on public cloudsUbuntu is the world’s most popular cloud operating system across public clouds


Home » Research  |  IT vs OT |  When Facing The Insider Threat What Happend | Free Software vs Open Source | ask me |

Microsoft » Europe » Industry » Retail » News » WINDOWS 2000 BEATS LINUX - Comparative test of Microsoft Windows 2000 and Linux as network operating systems | 22 januari 2001
Microsoft Business » Linux in Retail and Hospitality - What Every Retailer Should Know - White Paper - Microsoft Corporation | February 2001
Rod Dixon 
» Open Source Software Law | 2004
Eric S. Raymond 
» catb.org » Terminology Wars: A Web Content Analysis | 27 oktober 2004
Tweakers » nieuws » Veiligheidsfout Ubuntu onthult password | 13 maart 2006
Economides and Katsamakas: Two-Sided Competition of Proprietary vs. Open Source Management Science 52(7), pp. 1057–1071, © 2006 INFORMS

Tweakers » nieuws » Ubuntu plant 'ultravrije' distro | 13 april 2007
Google 
» support » accounts » Google Accounts Help » Does creating A Google Account give me a Gmail account? | 2004 - 2007
ZDNet 
» blogs » Education IT » Will the latest Ubuntu distro finally provide a mainstream Windows alternative? | 17 april 2007
ZDNet » blogs » Ubuntu 17.04 is linux voor dummies! | 17 april 2007
Tweakers 
» Nieuws » Software » Beschuit met muisjes voor Ubuntu 7.04 Feisty Fawn | 19 april 2007
Engineerings Online
 
» Kennis » EMC/ESD » Wurth en Dare organiseren EMC-seminar | 29 januari 2008
D.A.R.E!! :: » learning center 
» nieuwsbrief » EMC-seminar Würth Elektronik en DARE!! groot succes | woensdag 6 maart 2008 | donderdag 7 maart 2008
Ars Technica » information technology » Free Software Foundation lawsuit at Cisco at first | 12 december 2008
Tweakers 
» nieuws » Cisco en FSF schikken rechtszaak over GPL | 23 mei 2009
Ars Technica » Gaming and Culture » It no longer does everything: no more Linux on Playstation 3 | 29 maart 2010
Electronic Frontier Foundation 
» Deep links » Sony Steals Feature From Your Playstation 3 | 30 maart 2010
Ars Technica 
» Gaming and Culture » Hacker vows to fight Sony's PS3 update, restore linux | 30 maart 2010

GOVCERT » Computer Emergency Response Team » Factsheet Stuxnet - een geavanceerde en gerichte aanval - versie 2.4 | 21 januari 2011
Webwereld » Nieuws » Business news » Waarom de GPL altijd wint van de commercie | 19 maart 2011
ICT recht » Nieuws en Blogs » Wanneer geldt de GPL bij opensource webapplicaties? | software | 5 april 2012

GNU » philosophy » Ubuntu Spyware: What to Do? | 7 december 2012
The Register » Stallman: Ubuntu spyware makes it JUST AS BAD as WINDOWS | 7 december 2012
Tweakers
 
» nieuws » Een derde van aangetroffen kinderporno staat op Nederlandse servers | 9 april 2013
Globalsign Internet Group » en » blog » IT vs OT industrial internet | IT and OT - What's the difference? | 27 april 2016

Brian W. Kernighan » Princeton University Press » Understanding the Digital World: What You Need to Know about Computers, the Internet, Privacy, and Security. The basics of how computer hardware, software, and systems work, and the risks they create for our privacy and security | 9 januari 2017

NOS » NIEUWS » BUITENLAND » TECH » Waarschuwing voor industroyer het virus dat stroomnet kan platleggen | 12 juni 2017
Techzine » be » nieuws » security » gevaarlijke malware richt zich op platleggen stroomnetwerken | 12 juni 2017
Eset » news-room » IT-Beveiliger ESET ontdekt Industroyer, de gevaarlijkste malware gericht op industriele systemen sinds Stuxnet | 12 juni 2017 **
CBS » nieuws » Oplopende personeelstekort in vergrijzende industrie | 8 december 2017
NU » ECONOMIE » Personeelstekort in industrie wordt nijpender | 8 december 2017
RTL » NIEUWS » ECONOMIE » Industrie komt mensen tekort, groot deel personeel vergrijst | 8 december 2017

Emerge » Fortinet lanceert beveiligingsoplossingen voor de Operationele Technologie | Industry Wire | Geplaatst door Fortinet | donderdag 21 december 2017
Omroep Flevoland » Nieuws  Almere » Almeerse bedrijven tonen interesse in bouw Floriade-wijk | donderdag 28 december 2017
Automation » articles » 2018 » feature » For Many, Insiders Pose The Biggest Threat To Industrial Security3 juli 2018
Techzine » Goede IT security begint niet bij technology maar bij de mens | 2 oktober 2018
Tweakers » Nieuws » Nederlandse servers hosten meeste beelden van seksueel misbruik | 24-4-2019 *
Tweakers » Nieuws » Onderzoekers: zestig slecht beveiligde Nederlandse SCADA systemen op internet | 5 augustus 2019
Dutch IT Channel » AIVD betrokken bij Stuxnet-aanval op Iraanse nucleaire programma | 3 september 2019
Info Security Magazine 
» News » Dutch Insider deployed Stuxnet: report | 4 september 2019

ZDNet » article » free software advocate Richard Stallman spoke at Microsoft this week | 5 september 2019
Kennis Platform CROW
 » Gemeente Almere wint prijs voor meest duurzame mobiliteit | 28 december 2019 *

Mitre ATT&CK » MITRE RELEASES FRAMEWORK FOR CYBER ATTACKS ON INDUSTRIAL CONTROL SYSTEMS | 7 januari 2020
Techzine » be » nieuws » infrastructure » Cisco verenigt IT en OT in security-architectuur voor industriële IoT | 28 januari 2020
Techzine » be » nieuws » security » Cyberaanvallen op kritieke OT-infrastructuur nemen explosief toe | 12 februari 2020 *
Techzine » be » blogs » security » Cyberaanvallen verschuiven van IT naar OT Security moet ook mee | 9 maart 2020 * 

Siemens » News » Operational Guidelines for Industrial Security
Siemens has released an updated version 2.1 of the Operational Guidelines for Industrial Security. The guidelines provide recommendations for the secure operation of plant and machinery in industrial environments, including a 'Defense-in-Depth' security concept | Referenced in Siemens Security Advisories related with Siemens Industrial Products18 maart 2020

-»

Botch companies like Siemens and ABB are big on the Dutch ICS market and are also key-players worldwide. For Siemens the real ICS Security wake-up call was StuxnetStuxnet was malware developed to target ICS. Stuxnet was especially developed to target PLC’s and other ICS devices from Siemens at nuclear plants in Iran. After Stuxnet not only the ICS device designs were changed but also the way Siemens was working themselves. On all devices with an Ethernet connection there is the possibility to configure a firewall. But also when the firewall is available it is still the customer/end-user or system integrator who is responsible for the configuration. Although Stuxnet was a Siemens devices orient malware also ABB took action after Stuxnet.

To get more ICS Security awareness at the end-users and also at the system integrators, Siemens sets up ICS Security awareness courses. During this training, that is not specifically setup for Siemens devices, they also teach a little bit of forensics. The problem remains that for most users it has to be “plug and play”. They also have an ICS Security Awareness training for their own system integrators with a simulated model. Siemens also tries to inform their customers with product manuals and whitepapers. When looking at the industrial plants at this moment there is almost no knowledge on IT

In 2006 the Dutch National Police started with The National High Tech Crime Unit (NHTCU). The NHTCU was initiated for complex digital cases where automated systems attack other automated systems, the social importance is high and the technology used by these criminal activities is complex. So the NHTCU is, although existing for almost eight years, a relative new come unit at the Dutch National PoliceCases that are handled by the NHTCU are, for example, complex banking frauds where new malware is used to do the fraud, hacking of important vital servers where social importance is high (companieshospitals, banks, etc) and complex botnet infrastructures that are attacking Dutch computer systems. All above mentioned examples are attacks on “normal” computer infrastructures. A other segment about which was a lot to do sometime ago was the segment of Industrial Control Systems (ICS). Stuxnet was the most known catalyst for this. Where there is a lot of knowledge about the “normalcomputer infrastructures, there is less knowledge about ICS at the NHTCU. Not only about the devices used like SCADA, PLC’s, SoftPLC’s, HMI’s,, Industrial Computers and Remote inputs and outputs but also about the way the companies manage these systems. So at this moment ICS and Police are two different worlds. The question what do we need to know as Police about these systemshttps://fhi.nl/app/uploads/sites/37/2014/09/politie3.pdf

Recommended readings > Industrial Control System Security Awareness now-a-day and the role of law enforcement in it.  “Are the bad guys already in?”      Ton Maas      A minor thesis submitted in part fulfillment of the degree of M.Sc. in Forensic Computing and Cyber Crime Investigation with the supervision of Prof. Dr. Mohand-Tahar Kechadi.    School of Computer Science and Informatics.  University College Dublin.  09 March 2015

Het oorspronkelijke doel van Stuxnet leek bedrijfsspionage. Wanneer een procescontrolesysteem door Stuxnet is besmet is het echter eveneens mogelijk de besturing van industriële processen te beïnvloeden en te verstoren, waaronder de aansturing van apparatuur zoals pompen en motoren. Stuxnet is daarom te beschouwen als een uiterst serieus te nemen waarschuwing ten aanzien van de uitbuiting van de kwetsbaarheid van procescontrolesystemen. Nationale trendrapport cybercrime en digitale veiligheid 2010 - overheid

NCTV » actueel » nieuws » Reactie NCTV op sabotage en brandstichting zendmasten Nederland10 april 2020

Papers

Autism and the technical security industry |  2017 | CREST

to be continued









Richard Stallman Talks About Ubuntu - Ubuntu The Spyware (2013) by Priscilla on YouTube | Original video here |

Gastenboek


Home » Research  |  IT vs OT |  When Facing The Insider Threat What Happend | Free Software vs Open Source | ask me |