Experts advise caution, information sharing in wake of alleged utility attacks

[InfoSec News <alerts () infosecnews org>]

http://www.csoonline.com/article/694707/experts-advise-caution-information-sharing-in-wake-of-alleged-utility-attacks

By George V. Hulme
CSO
November 21, 2011

Experts in the security of critical infrastructure have had the weekend 
to digest news that a public utility water pump in Springfield, Ill. was 
destroyed at the hands of remote attackers who were able to gain access 
to the SCADA systems controlling it. Their initial advice: Share any 
information that can minimize or stop the next attack, but don't jump to 
conclusions.

Joseph Weiss, managing partner at Applied Control Systems LLC and author 
of the book Protecting Industrial Control Systems from Electronic 
Threat, initially broke the news on his blog.

A spokesman from the U.S. Department of Homeland Security (DHS) did 
confirm the incident, but would not confirm whether it was an attack.

"At this point it seems the facts of the incident are still not known. 
My sources indicate hackers may have nothing to do with this event, but 
they also told me the investigation is just starting," says Richard 
Bejtlich, chief security officer at IT security firm MANDIANT. "It's 
important to differentiate between the threat to critical infrastructure 
(which is overestimated) and the vulnerability in critical 
infrastructure (which is underestimated)." A hacker known as "pr0f" 
would seem to agree with Bejtlich's assertion that the vulnerabilities 
within the critical infrastructure are underestimated. Pr0f took 
exception with the DHS' public response to the incident and published 
images to Pastebin as alleged proof that access was achieved at a SCADA 
system in South Houston.

[...]


_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn