Yes, Virginia, there is a Santa Claus SCADA Attack

Long-predicted attacks against infrastructure control systems (SCADA) have arrived, according to the CIA. Bejtlich doubts its authenticity, but I have every reason to believe it to be true, for the following reasons:
  • Bellovin correctly pointed out that maintaining the air gap between critical networks and non-critical networks is nearly impossible, making the likelihood that at least a few critical networks are somehow connected to the public internet extremely high. Information behaves like heat, in that it leaks out unless tightly constrained, like hot coffee in a Dewar flask.
  • My old business partner Ralph Logan was quoted in the article. Given the work we did together and the work that he does now, I consider him to be an absolute authority on the topic.
  • The early monetization techniques employed by attackers whenever they discover a tool are usually extortion-related schemes. The first botnet business model was based upon DDoS extortion, where victims were taken off of the network if they didn't pay the attacker protection money. Here we have attackers demanding protection money in exchange for not taking down the power grid. Botnets evolved into spam and phishing engines. I am willing to bet that the next step in the racket will involve selling the attacks to nation states now that infrastructure attacks have been reduced to practice.

About

This page contains a single entry from the blog posted on January 19, 2008 12:48 PM.