[146757] in North American Network Operators' Group
Re: First real-world SCADA attack in US
daemon@ATHENA.MIT.EDU (Steven Bellovin)
Mon Nov 21 21:47:44 2011
From: Steven Bellovin <smb@cs.columbia.edu>
In-Reply-To: <4ECAC306.7020202@amplex.net>
Date: Mon, 21 Nov 2011 21:46:19 -0500
To: Mark Radabaugh <mark@amplex.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Nov 21, 2011, at 4:30 PM, Mark Radabaugh wrote:
>>=20
>>=20
> Probably nowhere near that sophisticated. More like somebody owned =
the PC running Windows 98 being used as an operator interface to the =
control system. Then they started poking buttons on the pretty screen.
>=20
> Somewhere there is a terrified 12 year old.
>=20
> Please don't think I am saying infrastructure security should not be =
improved - it really does need help. But I really doubt this was =
anything truly interesting.
That's precisely the problem: it does appear to have been an easy =
attack.
(My thoughts are at =
https://www.cs.columbia.edu/~smb/blog/2011-11/2011-11-18.html)
--Steve Bellovin, https://www.cs.columbia.edu/~smb
