funsec mailing list archives

Re: Foul


From: Robert Graham <robert_david_graham () yahoo com>
Date: Mon, 9 Nov 2009 20:30:27 -0800 (PST)

From: Paul Ferguson <fergdawgster () gmail com>
> Now that I have watched the 60 Minutes episode in question, I can't speak to
> the Energy Grid issues -- but I can speak to all of the other cyber crime
> issues mentioned. They are all true, even minimized.

I, too, was surprised by the low number. We've been involved in cases with the FBI totaling more than $100-million so 
far this year. However, they succeed in unwinding most of the transactions, and recover most of the money, so I'm 
guessing that $100-million is money that was stolen but could not be recovered.

BTW, it's Russia and the Ukraine.

> If you think that these sophisticated criminals cannot use the same
> techniques against ICS/SCADA infrastructure...

They can. I have. It's easy. I gave a presentation with (sanitized) results from hacking into the power grid:
http://www.blackhat.com/presentations/bh-federal-06/BH-Fed-06-Maynor-Graham-up.pdf

The thing is, though, we are in far greater danger from accidental failures, or from the Chinese/Al Qaeda strategically 
placing bombs on the grid. Yet, hackers are the least understood, and like witches, the most feared. Unethical 
journalism, like the 60 Minutes story, just stokes those irrational fears, which is unlikely to result in any rational 
outcome.


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

