[146916] in North American Network Operators' Group
Re: Water Utility SCADA 'Attack': The, um, washout
daemon@ATHENA.MIT.EDU (Jerry Dixon)
Sun Nov 27 07:43:00 2011
In-Reply-To: <B004D8EB-4A6B-496B-ADBB-6BB5E2CF4BE8@puck.nether.net>
From: Jerry Dixon <jerry@jdixon.com>
Date: Sun, 27 Nov 2011 07:41:37 -0500
To: Jared Mauch <jared@puck.nether.net>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
There is already a law on the books called Protected Critical Infrastructure=
Information (PCII). It has stiff penalties for leaking the information. T=
he reporting critical infrastructure company has to request the information o=
r report be protected under PCII. In most cases the companies also use thei=
r own NDA as well for added recourse if the info gets leaked. Also the fusi=
on center or DHS could of offered this option up since most companies do not=
know this option/law is on the books. For a State Fusion center to levera=
ge this law they have to get a delegation from DHS or at a minimum bring the=
executive agent in to declare the info PCII since it's a federal law. =20
The PCII designator works and has been used in past incidents. Sensitive bu=
t unclassified does not work and has widely varying meanings from agency to a=
gency. If it's that sensitive use PCII or classify as SECRET. =20
Regarding this incident, I was skeptical from the get go. The fog of war ar=
ound any incident is usually pretty thick at the initial stage. This has be=
en shown even in national level cyber exercises time and time again. FBI/US=
SS/US-CERT are routinely engaged and investigating cyber incidents and nothi=
ng new here. People acted as if that was outside the norm when it was not. =
=20
Jerry
Jerry@jdixon.com
On Nov 26, 2011, at 3:14 PM, Jared Mauch <jared@puck.nether.net> wrote:
> +1
>=20
> This isn't the pentagon papers.=20
>=20
> Those found leaking should face the legal consequences for sbu information=
leakage.=20
>=20
> One can't have every email/memo leaked as it makes it unfeasible to perfor=
m ones job.=20
>=20
> Jared Mauch
>=20
> On Nov 26, 2011, at 7:51 AM, "andrew.wallace" <andrew.wallace@rocketmail.c=
om> wrote:
>=20
>> My comment about a certain person leaking public-private sector correspon=
dence to the media still applies then.
>>=20
>> https://plus.google.com/114359738470992181937/posts/DSnJfKqrJK1
>>=20
>>=20
>> Andrew
>>=20
>>=20
>>=20
>> ________________________________
>> From: Jay Ashworth <jra@baylink.com>
>> To: NANOG <nanog@nanog.org>=20
>> Sent: Saturday, November 26, 2011 3:14 AM
>> Subject: Water Utility SCADA 'Attack': The, um, washout
>>=20
>> Not an attack: an already failing pump, and an employee of a contractor t=
o the
>> utility who was ... wait for it ...
>>=20
>> traveling in Russia on personal business.
>>=20
>> WaPo via Lauren @ Privacy: http://j.mp/rrvMXR
>>=20
>> Cheers,
>> -- jra
>> --=20
>> Jay R. Ashworth Baylink jra@baylink=
.com
>> Designer The Things I Think RFC=
2100
>> Ashworth & Associates http://baylink.pitas.com 2000 Land Rove=
r DII
>> St Petersburg FL USA http://photo.imageinc.us +1 727 647=
1274
>=20
