http://www.controleng.com/blog/590000659/post/420036442.html By Matt Luallen and Steve Hamburg of Encari November 12, 2008 Well, I (Steve here) finally succumbed to my temptation and saw the blockbuster hit Eagle Eye. (http://www.eagleeyemovie.com/ and http://www.fandango.com/eagleeye_110111/movieoverview). I’ll do my best not to ruin this movie in the event that you have not yet seen it while trying to make the key point of this blog. Eagle Eye is based on the premise that someone, well in actuality, something (okay, I’ll stop with the hints) has extensively hacked into the power grid. While watching the movie, you’ll witness remote control of public transportation systems, cranes, demolition equipment, electricity transmission lines, etc. While the extent of exposure conveyed in the movie is quite far fetched, it does bring up a very important consideration: What are you doing in regards to your event monitoring operations? In Eagle Eye, several severe breaches transpired before any one involved in several of our critical infrastructures became aware that such breaches had occurred. Further, a considerable amount of time following the point at which the breaches became known elapsed before the root cause of the breaches was identified. Pursuant to my previous consideration, it is critical to understand the implications associated with SCADA and process control systems security. Unlike several professions, many aspects of critical infrastructure operations and other business operations involving SCADA and process control systems can be life threatening if a security breach occurs. For example, what could happen to a patient receiving radiation therapy from a device that is accessible from within a hospital’s wireless network? What could happen to passengers in a subway if the operations of the rail system were somehow overtaken by malicious parties? Similar questions are numerous. [...] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.orgReceived on Fri Nov 14 2008 - 03:50:59 PST
This archive was generated by hypermail 2.2.0 : Fri Nov 14 2008 - 04:04:13 PST