DemSpud

joined 1 year ago
MODERATOR OF
[–] DemSpud@lemmy.dbzer0.com 7 points 6 months ago (2 children)

Potentially when you put it in for a service, could also be using bluetooth

[–] DemSpud@lemmy.dbzer0.com 1 points 6 months ago

Happy to help!

[–] DemSpud@lemmy.dbzer0.com 1 points 6 months ago (2 children)

Water under the bridge mate, all good

[–] DemSpud@lemmy.dbzer0.com 1 points 6 months ago (4 children)

Yea why not, I use this app too much may as well put it to good use

[–] DemSpud@lemmy.dbzer0.com 2 points 6 months ago

I always look at the site's Wikipedia page, gives the correct url in its summary on the right of the page.

[–] DemSpud@lemmy.dbzer0.com 6 points 6 months ago

There are dozens of us! Dozens!

[–] DemSpud@lemmy.dbzer0.com 3 points 6 months ago (1 children)

Exact same experience here, I think I got through the whole thing in 2 days, keen as for the next season.

[–] DemSpud@lemmy.dbzer0.com 3 points 6 months ago (3 children)

What do you think of the new show?

[–] DemSpud@lemmy.dbzer0.com 42 points 6 months ago (10 children)

Umm why did your refrigerator leak a picture of my parents yelling at each other?

[–] DemSpud@lemmy.dbzer0.com 1 points 7 months ago

Oh yea poor old Palo Alto Networks is having a rough time at the moment. But a mature OT network has implemented defence in depth correctly and have a plan in place for incidents such as this one should they occur. I know a few sites who have had to island until they were able to put vulnerability mitigation in place, the good thing is that they could do this without disrupting their OT operations significantly. What you're saying is correct, if its connected its only a matter of when not if, but you design your system with this in mind.

At the end of the day corporations are going to want business data from your site, and we need to design around that. To fight it and just air gap is going to result in you getting side stepped and your system being even more vulnerable. It's going to happen either way so we need to make sure we have the plans in place to implement it as safely as possible.

[–] DemSpud@lemmy.dbzer0.com 5 points 7 months ago (2 children)

Nah man, this is my game, air gap systems aren't really a thing for anything non-military anymore. Companies want a real-time view into their production for making business decisions.

There are ways to secure your control systems network properly without a full airgap with proper boundary controls between the various layers of your Purdue model as well as fully separate Active Directories just to make a start.

Its actually an entire independent cybersecurity specialisation for OT networks. For anyone who is interested I would recommend Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions by Clint Bodungen its a fantastic read and very easy to follow.

Now the concept of air gapping still exists in this architecture, its designed to be able to "Island" which is where you break the connection between your corporate and OT networks when an incident has occurred on the corporate side essentially creating an airgap.

[–] DemSpud@lemmy.dbzer0.com 42 points 7 months ago* (last edited 7 months ago) (4 children)

Sometimes an airgap isn't enough (Stuxnet is a good example), but realistically cybersecurity is an afterthought unfortunately. Simply go onto Shodan and lookup Schneider or Allen-Bradley to see how many of these controllers are accessible directly from the internet

view more: ‹ prev next ›