[ISN] The Importance of 24x7 Event Monitoring in Process Control Systems

From: InfoSec News <alerts_at_private>
Date: Fri, 14 Nov 2008 05:50:59 -0600 (CST)
http://www.controleng.com/blog/590000659/post/420036442.html

By Matt Luallen and Steve Hamburg of Encari
November 12, 2008

Well, I (Steve here) finally succumbed to my temptation and saw the 
blockbuster hit Eagle Eye. (http://www.eagleeyemovie.com/ and 
http://www.fandango.com/eagleeye_110111/movieoverview). I’ll do my best 
not to ruin this movie in the event that you have not yet seen it while 
trying to make the key point of this blog.

Eagle Eye is based on the premise that someone, well in actuality, 
something (okay, I’ll stop with the hints) has extensively hacked into 
the power grid. While watching the movie, you’ll witness remote control 
of public transportation systems, cranes, demolition equipment, 
electricity transmission lines, etc. While the extent of exposure 
conveyed in the movie is quite far fetched, it does bring up a very 
important consideration: What are you doing in regards to your event 
monitoring operations?

In Eagle Eye, several severe breaches transpired before any one involved 
in several of our critical infrastructures became aware that such 
breaches had occurred. Further, a considerable amount of time following 
the point at which the breaches became known elapsed before the root 
cause of the breaches was identified. Pursuant to my previous 
consideration, it is critical to understand the implications associated 
with SCADA and process control systems security.

Unlike several professions, many aspects of critical infrastructure 
operations and other business operations involving SCADA and process 
control systems can be life threatening if a security breach occurs. For 
example, what could happen to a patient receiving radiation therapy from 
a device that is accessible from within a hospital’s wireless network? 
What could happen to passengers in a subway if the operations of the 
rail system were somehow overtaken by malicious parties? Similar 
questions are numerous.

[...]


______________________________________________      
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org 
Received on Fri Nov 14 2008 - 03:50:59 PST

This archive was generated by hypermail 2.2.0 : Fri Nov 14 2008 - 04:04:13 PST