A new article just published by David Greenfield in Automation World revisits the recent CERT warning about intrusions into automation systems in manufacturing:
Of particular interest to us at Control.com is the section on "Watering Holes" where links to virus-bearing content are sometimes posted:
"Approximately half of the known watering holes are trade publications and informational websites related to process control, ICS or critical infrastructure."
We moderate all messages posted to our forums, and our moderators are always on the lookout for links that don't seem legitimate, or may have the potential for mayhem, but caution is always advisable when approaching any software (or, for that matter, advice) if you're not fully aware of its provenance or veracity.
Be careful out there!
Process sensors, actuators, drives and their lower level networks do not have cyber security or authentication. This directly affects safety and reliability. Consequently, ISA99 has formed a new task group to address this shortcoming. Please let me know if there is an interest in knowing more or participating. I have also several blogs on this subject at www.controlglobal.com/unfettered. I can be reached at firstname.lastname@example.org.