Water Utility SCADA 'Attack': The, um, washout

• Previous message (by thread): Water Utility SCADA 'Attack': The, um, washout
• Next message (by thread): IPv6 prefixes longer then /64: are they possible in DOCSIS networks?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

There is already a law on the books called Protected Critical Infrastructure Information (PCII).  It has stiff penalties for leaking the information.  The reporting critical infrastructure company has to request the information or report be protected under PCII.  In most cases the companies also use their own NDA as well for added recourse if the info gets leaked.  Also the fusion center or DHS could of offered this option up since most companies do not know this option/law is on the books.   For a State Fusion center to leverage this law they have to get a delegation from DHS or at a minimum bring the executive agent in to declare the info PCII since it's a federal law.  

The PCII designator works and has been used in past incidents.  Sensitive but unclassified does not work and has widely varying meanings from agency to agency.  If it's that sensitive use PCII or classify as SECRET.  

Regarding this incident, I was skeptical from the get go.  The fog of war around any incident is usually pretty thick at the initial stage.  This has been shown even in national level cyber exercises time and time again.  FBI/USSS/US-CERT are routinely engaged and investigating cyber incidents and nothing new here.  People acted as if that was outside the norm when it was not.  

Jerry
Jerry at jdixon.com


On Nov 26, 2011, at 3:14 PM, Jared Mauch <jared at puck.nether.net> wrote:

> +1
> 
> This isn't the pentagon papers. 
> 
> Those found leaking should face the legal consequences for sbu information leakage. 
> 
> One can't have every email/memo leaked as it makes it unfeasible to perform ones job. 
> 
> Jared Mauch
> 
> On Nov 26, 2011, at 7:51 AM, "andrew.wallace" <andrew.wallace at rocketmail.com> wrote:
> 
>> My comment about a certain person leaking public-private sector correspondence to the media still applies then.
>> 
>> https://plus.google.com/114359738470992181937/posts/DSnJfKqrJK1
>> 
>> 
>> Andrew
>> 
>> 
>> 
>> ________________________________
>> From: Jay Ashworth <jra at baylink.com>
>> To: NANOG <nanog at nanog.org> 
>> Sent: Saturday, November 26, 2011 3:14 AM
>> Subject: Water Utility SCADA 'Attack': The, um, washout
>> 
>> Not an attack: an already failing pump, and an employee of a contractor to the
>> utility who was ... wait for it ...
>> 
>> traveling in Russia on personal business.
>> 
>> WaPo via Lauren @ Privacy:  http://j.mp/rrvMXR
>> 
>> Cheers,
>> -- jra
>> -- 
>> Jay R. Ashworth                  Baylink                      jra at baylink.com
>> Designer                     The Things I Think                       RFC 2100
>> Ashworth & Associates     http://baylink.pitas.com         2000 Land Rover DII
>> St Petersburg FL USA      http://photo.imageinc.us             +1 727 647 1274
> 

• Previous message (by thread): Water Utility SCADA 'Attack': The, um, washout
• Next message (by thread): IPv6 prefixes longer then /64: are they possible in DOCSIS networks?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]