lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: ALudwig at Calfingroup.com (Andre Ludwig) Subject: SCADA makes you a target for terrorists tak e 2 I fully support you in your quest my friend. I think it is completely asinine that the people who run these systems do the things they do. I mean this is critical infrastructure after all! And I still have not seen any evidence to sway my thoughts on this matter. If you look at the NERC reports as to what caused the outages there was no mention of Ohio in them. Unless of course they changed them from sat night. Andre Ludwig, CISSP -----Original Message----- From: Bernie, CTA [mailto:cta@...in.net] Sent: Monday, August 18, 2003 6:03 PM To: full-disclosure@...ts.netsys.com Cc: Elinor.Abreu@...ters.com Subject: [Full-Disclosure] SCADA makes you a target for terrorists take 2 Over a year ago the NIPC put out a warning about threats regarding the SCADA Systems Again, my point is regardless of what caused the Blackout, attention needs to be given on improving and integrating System Security first, and replacing the so called worn out Grid (cables and related infrastructure) last. Vulnerable components should be identified, isolated and neutralized immediately. Worry about the sagging cables later. I can not understand why the same basic principles of systems security engineering should not apply to the Power Industry i.e., analyze potential Threats (Accessibility, Integrity, Confidentiality), Vulnerabilities and Attacks. Ok I'm done... for now. >>>> National Infrastructure Protection Center Terrorist Interest in Water Supply and SCADA Systems Information Bulletin 02-001 30 January 2002 NIPC Information Bulletins communicate issues that pertain to the critical national infrastructure and are for information purposes only. A computer that belonged to an individual with indirect links to USAMA BIN LADIN contained structural architecture computer programs that suggested the individual was interested in structural engineering as it related to dams and other water- retaining structures. The computer programs included CATIGE, BEAM, AUTOCAD 2000 and MICROSTRAN, as well as programs used to identify and classify soils using the UNIFIED SOIL CLASSIFICATION SYSTEM. In addition, U.S. law enforcement and intelligence agencies have received indications that Al-Qa'ida members have sought information on Supervisory Control And Data Acquisition (SCADA) systems available on multiple SCADA-related web sites. They specifically sought information on water supply and wastewater management practices in the U.S. and abroad. There has also been interest in insecticides and pest control products at several web sites. Recipients can find additional information regarding posting sensitive infrastructure-related information on Internet web sites in NIPC Advisory 02-001 issued on 17 January 2002 at http://www.nipc.gov/warnings/advisories/2002/02-001.htm. The intent of this bulletin was to encourage Internet content providers to review the sensitivity of the data they provide online. The NIPC encourages recipients of this Information Bulletin to report information concerning criminal or terrorist activity to their local FBI office http://www.fbi.gov/contact/fo/fo.htm or the NIPC, and to other appropriate authorities. Recipients may report incidents online at http://www.nipc.gov/incident/cirr.htm, and can reach the NIPC Watch and Warning Unit at (202) 323-3205, 1-888-585-9078 or nipc.watch@....gov- **************************************************** Bernie Chief Technology Architect Chief Security Officer cta@...in.net Euclidean Systems, Inc. ******************************************************* // "There is no expedient to which a man will not go // to avoid the pure labor of honest thinking." // Honest thought, the real business capital. // Observe> Think> Plan> Think> Do> Think> ******************************************************* _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists