Scary SCADA FUD

By Roger on January 21, 2008 4:21 PM | | Comments (2) | TrackBacks (0)

At a SANS SCADA conference in New Orleans, CIA senior analyst Tom Donohue reported that cyberattacks have caused multi-city power outages outside the United States.

Rob Rosenberger writes a good article about this here.

It is pretty scary to know that there are forces out there plotting to keep us in the dark with no heat or AC. But why am I getting sidetracked with what some people want to require in California.,

This reminds me of another time SANS reported that hackers had threatened the life of scientists at the south pole. They purportedly hacked an environmental control system and attempted to extort payment or all the scientists would freeze to death. According to this Kevin Poulsen article, a FOIA request uncovered a memo about that incident which said it was minor. "Given the fact that no financial records or systems were compromised, no safety or loss of life was threatened, and no critical system corrupted" by the Romanian hackers, "we need to balance legitimate security needs with the legitimate needs of our scientists at the Pole."

It sounds to me that in both this south pole case and this new report of blackouts that the threat of cyberterrorism is being promoted in order to advance an agenda. Without details its just FUD.

Of course utilities should be taking precautions, but if the past decade is any indication the public has more to worry about from hurricanes (New Orleans) and general screwups (northeast blackout).

Categories

General

Tags

0 TrackBacks

Listed below are links to blogs that reference this entry: Scary SCADA FUD.

TrackBack URL for this entry: http://www.infosecblog.org/mt-tb20071121.pl/661

2 Comments

Robert McMillan said:

Hey Roger,

I'm not sure if I'd call Rosenberger's article "good," as it makes at least one major factual mistake -- the kind of error that he's always blasting journalists for making. (disclosure: I am a journalist; I enjoy reading Rosenberger's site)

"Paller told an audience in New Orleans... that the CIA told him that some terrorists out there, somewhere, had crippled entire regions of the earth with electrical blackouts."

That's not true. Donahue spoke to the conference himself.

Of course the big question is *where* did these attacks occur? Inside jobs in corrupt countries with little or no security controls -- not so worrisome.

I think it's good to be skeptical about this stuff, but if you're going to blast people for getting their facts wrong... get your own facts straight.

January 22, 2008 6:52 PM
Roger Author Profile Page said:

I appreciate your thoughtful comment. I agree that if you're going to call people out for things like that you can't make the same mistake. Of course Rob is just relying on InformationWeek. From his editor's comments, he knew Donahue spoke, but was abusing the article for humor. I'm just glad to have Rob back posting.

January 22, 2008 11:30 PM

Leave a comment

Powered by Ajax Comments

About this Entry

This page contains a single entry by Roger published on January 21, 2008 4:21 PM.

Comments was the previous entry in this blog.

Symantec Eraser Engine update is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Subscribe to feed Subscribe to this blog's feed
Add to Google
Please contact me by leaving a comment where appropriate. Otherwise, you can click here to reveal an email address for me.
Got Backups? Get Safe Online Remember Rick Rescorla Powered by Movable Type 4.2-en

Search