Cyber security round-up (July 2014)

ONG-ISAC backed by API. NIST's crypto briefing book. McAfee reports record attacks.

The American Petroleum Institute (API) has ‘expressed its support’ for a new Oil and natural gas information sharing and analysis center (ONG-ISAC), which sets out to ‘help protect infrastructure from cyber-attacks.’ The Washington-based unit is headed-up by Curt Craig, manager of integrated systems and information security at Hunt Consolidated, Inc. The idea for an ONG-ISAC was floated in a 2001 US-government backed report ‘Securing oil and gas infrastructures in the new economy.’ Seemingly this has taken a while to put into place.

The US NIST standards body has just published a Cryptographic standards and guidelines development program briefing book. The free 44 page publication covers algorithm specifications, guidance on the use of cryptography, standards for the personal identity verification card, public key infrastructure and testing according to Federal information processing standards.

The June 2014 quarterly threat report from Intel’s McAfee unit opines that while 64 Windows introduced much new security, no system is bulletproof. McAfee expects an increase in attacks from valid, digitally signed malware, obtained from stolen digital certificates. The count of ‘suspect’ websites hit a new record at over 18 million (a 19% hike). 68% of these are located in N America.

A new publication from Unisys and the Ponemon Institute addresses ‘Critical infrastructure: security preparedness and maturity.’ Ponemon interviewed some 600 execs for the report to find that utility, oil and gas and others are ‘high profile targets’ for security exploits where at risk ICS/Scada systems risk ‘potentially enormous’ damage.

Click here to comment on this article

If your browser does not work with the MailTo button, send mail to with OilIT_1407_23 as the subject. Web use only - not for intranet/corporate use. Copyright 2014 The Data Room - all rights reserved.