First real-world SCADA attack in US

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Tue Nov 22 12:19:18 UTC 2011


On Mon, 21 Nov 2011 14:24:48 PST, "andrew.wallace" said:
> If NSA had no signals information prior to the attack, this should be a wake up call for the industry.

Actually, it should be a wake up call whether or not NSA had signals
information.  However, it's pretty obvious that the entire SCADA segment is
pretty much bound and determined to keep hitting the snooze button as long as
possible - they've known they have an endemic security problem just about the
same number of years the telecom segment has known they will need to deploy
IPv6. ;)

And let's think about this for a moment - given that there's *no* indication
that the attack was an organized effort from a known group, and could quite
possibly be just a bored 12 year old in Toledo Ohio, why should the NSA have
any signals info before the attack?

Let's think it through a bit more.  Even if the NSA *did* have info beforehand
that pointed at a kid in Toledo, they can't easily release that info before the
fact, for several reasons: (a) they're not supposed to be surveillancing US
citizens, so having intel on a kid in Toledo would be embarrassing at the least,
and (b) revealing they have the intel would almost certainly leak out the
details of where, when, and how they got said info - and the NSA would almost
certainly be willing to sacrifice somebody else's water pump rather than reveal
how they got the info.

Bottom line - the fact the NSA didn't say something beforehand means that they
either didn't know, or didn't wish to tell. So why are you bringing the NSA into it?