Article

2008-01-19 Home Front: WoT

CIA: Cyberattacks have led to blackouts in multiple cities

Archived material is restricted to Rantburg regulars and members. If you need access email fred.pruitt=at=gmail.com with your nick to be added to the members list. There is no charge to join Rantburg as a member.

Posted by lotp 2008-01-19 14:06|| || Front Page|| [8 views ] Top

#1 insider info? Of course!

Posted by Frank G">Frank G 2008-01-19 15:10|| 2008-01-19 15:10|| Front Page Top

#2 This story irritates me, why in the WORLD would you have a SCADA system connected to the internet? Where I work, we keep our SCADA type systems air-gapped, they don't even touch our production LAN.It isn't about using Windows systems, it's about a lack of control and good management processes. One other point that none of the IT pundits mention is that, yes our SCADA systems are at risk but no mention is made about the SCADA systems in Russia, China, et. al.

Posted by djh_usmc 2008-01-19 15:16|| 2008-01-19 15:16|| Front Page Top

#3 Howard Schmidt, a former Microsoft (NSDQ: MSFT) executive and government cybersecurity adviser, mentioned ongoing concerns about the vulnerabilities of SCADA systems and noted that 85% of the U.S. critical infrastructure is controlled by the private sector. "No one should be minimizing this issue," he said.

Yes - let's centralize the problem under government control. Let's get all the battleships in a line, and park all the planes wingtip to wingtip on the tarmac. The phrase chrome-dome comes to mind.

Then again, what did Twain say about eggs and baskets?

Posted by Halliburton - Hyperbolic Idiot Detection Service 2008-01-19 15:42|| 2008-01-19 15:42|| Front Page Top

#4 The issue isn't govt control of SCADA systems, but rather than their dispersal in industry means that there is a distressingly wide range of security etc. expertise being applied to them right now. And for older industries that often does include internet access, implemented by techies to make monitoring easier. Not to mention for e.g. load sharing during peak energy draw periods.

Lots and lots of focus has been going into security monitoring and risks for US SCADA. Most visible face of that activity is the I3P Consortium.

Posted by lotp 2008-01-19 15:53|| 2008-01-19 15:53|| Front Page Top

#5 but rather ~~than~~ that their dispersal ...

Posted by lotp 2008-01-19 15:54|| 2008-01-19 15:54|| Front Page Top

#6 Adding Windows to Scada systems isn't an issue: I am aware of one vendor who does an excellent job in this respect because they made two key design decisions:

Clients use Windows.

Servers use the Command Line Subsystem.

Think about it. Clients are transients, so if the GUI goes belly up, no great deal. Servers run in probably the most stable, bug free windows subsystem after the scheduling kernel, mainly because the glamor is in the GUI so nobody's bothering to add anything new (ergo buggy) to the CLI. This allows the bugs to be quashed with no new ones introduced by new features.

Posted by Ptah">Ptah 2008-01-19 16:19|| http://www.crusaderwarcollege.org]">[http://www.crusaderwarcollege.org] 2008-01-19 16:19|| Front Page Top

23:15 Pappy
23:12 Whomong Guelph4611
23:03 www
23:01 Varmint Slaing5309
22:53 DarthVader
22:52 DarthVader
22:46 mhw
22:43 Galactic Coordinator Jainter8045
22:41 Frank G
22:35 borgboy2001
22:33 Oztralian
22:30 Oztralian
22:29 borgboy2001
22:18 www
22:17 gromky
21:41 Old CFI
21:31 M Eisner
21:29 Uncle Walt
21:18 OyVey1
21:17 ed
21:15 Redneck Jim
21:13 OyVey1
21:07 Redneck Jim
21:00 Evenengissoto