SCADA Danja

SANS put on a SCADA Security Summit in New Orleans just last week. During that summit, a spokesperson for the CIA reported on some SCADA attacks outside the US that have caused some major outages in multiple cities. The spokesperson said:

We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands. We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge. We have information that cyber attacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet.

Add to that this post about the same report from Rich Mogull, and you start to wonder if this happens to be a little more than FUD. Honestly, I am not one to get my knickers in a twist with every little report that comes out to sell newspapers. And you can argue that the CIA does things for its own benefit most of the time. But this is coming out at a SANS conference, not a US Conspiracy Club chapter meeting. And what makes you think a little more is when a reputable source like Rich says this:

...over my career as an analyst and consultant I was privy to more than one successful and physically dangerous SCADA attack communicated to me by clients. I’ll never talk details, but they really happened, putting lives at stake.

As The Mogull points out in his post, when you have these systems running on "traditional" IT systems and you connect them to the Internet, the fact that they are going to be attacked just makes sense.

FUD? Nope, I don't think so.

Copyright © 2008 IDG Communications, Inc.