lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <002501c3667b$94669ff0$2b02a8c0@dcopley>
From: dcopley at eeye.com (Drew Copley)
Subject: SCADA makes you a target for terrorists take 2


> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com 
> [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of 
> Caggy, James
> Sent: Tuesday, August 19, 2003 9:58 AM
> To: full-disclosure@...ts.netsys.com
> Subject: RE: [Full-Disclosure] SCADA makes you a target for 
> terrorists take 2
> 
> 
> This is a "Lessons learned from Slammer" advisory put out by 
> the NAERC two months ago and admits that the SCADA system is 
> vulnerable to worms and/or viruses.
> 
> http://www.esisac.com/publicdocs/SQL_Slammer_2003.pdf

Excellent paper.

> 
> There's still no reason not to believe that last week's 
> blackout wasn't in someway related to MSBlaster or a hacker 
> taking advantage of RPC.
> 

The paper is excellent, but that does not mean Blaster took down the
power grid. 

I think that people need to remember to show some constraint, unless
they want the problems in SCADA to appear to be overblown... A "cry wolf
scenario".

There is a very good reason to not "believe" that Blaster or a hacker
took down the grid last week -- there is no proof for it. There may be
circumstantial evidence for this, but that is not the same thing as
proof.



> 
> 
> -----Original Message-----
> From: Bernie, CTA [mailto:cta@...in.net] 
> Sent: Monday, August 18, 2003 9:03 PM
> To: full-disclosure@...ts.netsys.com
> Cc: Elinor.Abreu@...ters.com
> Subject: [Full-Disclosure] SCADA makes you a target for 
> terrorists take 2
> 
> Over a year ago the NIPC put out a warning about threats 
> regarding the SCADA Systems
> 
> Again, my point is regardless of what caused the Blackout, 
> attention needs to be given on improving and integrating System 
> Security first, and replacing the so called worn out Grid 
> (cables and related infrastructure) last. Vulnerable components 
> should be identified, isolated and neutralized immediately. 
> Worry about the sagging cables later. 
> 
> I can not understand why the same basic principles of systems 
> security engineering should not apply to the Power Industry 
> i.e., analyze potential Threats (Accessibility, Integrity, 
> Confidentiality), Vulnerabilities and Attacks.
> 
> Ok I'm done... for now.
> 
> >>>>
>  National Infrastructure Protection Center
> 
> 
> Terrorist Interest in Water Supply and SCADA Systems 
> Information Bulletin 02-001 30 January 2002
> 
> NIPC Information Bulletins communicate issues that pertain to 
> the critical national infrastructure and are for information 
> purposes only.
> 
> A computer that belonged to an individual with indirect links to 
> USAMA BIN LADIN contained structural architecture computer 
> programs that suggested the individual was interested in 
> structural engineering as it related to dams and other water- 
> retaining structures. The computer programs included CATIGE, 
> BEAM, AUTOCAD 2000 and MICROSTRAN, as well as programs used to 
> identify and classify soils using the UNIFIED SOIL 
> CLASSIFICATION SYSTEM.
> 
> In addition, U.S. law enforcement and intelligence agencies have 
> received indications that Al-Qa'ida members have sought 
> information on Supervisory Control And Data Acquisition (SCADA) 
> systems available on multiple SCADA-related web sites. They 
> specifically sought information on water supply and wastewater 
> management practices in the U.S. and abroad. There has also been 
> interest in insecticides and pest control products at several 
> web sites.
> 
> Recipients can find additional information regarding posting 
> sensitive infrastructure-related information on Internet web 
> sites in NIPC Advisory 02-001 issued on 17 January 2002 at 
> http://www.nipc.gov/warnings/advisories/2002/02-001.htm. The 
> intent of this bulletin was to encourage Internet content 
> providers to review the sensitivity of the data they provide 
> online.
> 
> The NIPC encourages recipients of this Information Bulletin to 
> report information concerning criminal or terrorist activity to 
> their local FBI office http://www.fbi.gov/contact/fo/fo.htm or 
> the NIPC, and to other appropriate authorities. Recipients may 
> report incidents online at 
> http://www.nipc.gov/incident/cirr.htm, and can reach the NIPC 
> Watch and Warning Unit at (202) 323-3205, 1-888-585-9078 or 
> nipc.watch@....gov-
> ****************************************************
> Bernie 
> Chief Technology Architect
> Chief Security Officer
> cta@...in.net
> Euclidean Systems, Inc.
> *******************************************************
> // "There is no expedient to which a man will not go 
> //    to avoid the pure labor of honest thinking."   
> //     Honest thought, the real business capital.    
> //      Observe> Think> Plan> Think> Do> Think>      
> *******************************************************
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ