http://news.cnet.com/8301-27080_3-20064112-245.html By Elinor Mills InSecurity Complex CNet News May 18, 2011 Two researchers say they canceled a talk at a security conference today on how to attack critical infrastructure systems, after U.S. cybersecurity and Siemens representatives asked them not to discuss their work publicly. "We were asked very nicely if we could refrain from providing that information at this time," Dillon Beresford, an independent security researcher and a security analyst at NSS Labs, told CNET today. "I decided on my own that it would be in the best interest of security...to not release the information." Beresford said he and independent researcher Brian Meixell planned on doing a physical demonstration at the TakeDown Conference and shared their slides and other information on vulnerabilities and exploits with Siemens, ICS-CERT (Industrial Control Systems Cyber Emergency Response Team), and the Idaho National Lab on Monday. A DHS official provided this statement: "DHS' Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) frequently engages with industry partners and members of the cybersecurity community to share actionable vulnerability information and mitigation measures in an effort to better secure our nation's critical infrastructure. In this collaboration, DHS always prioritizes the responsible disclosure of vulnerability information, while concurrently providing actionable solutions and recommendations to better secure our nation's infrastructure. This responsible disclosure process does not encourage the release of sensitive vulnerability information without also validating and releasing a solution." [...] ___________________________________________________________ Tegatai Managed Colocation: Four Provider Blended Tier-1 Bandwidth, Fortinet Universal Threat Management, Natural Disaster Avoidance, Always-On Power Delivery Network, Cisco Switches, SAS 70 Type II Datacenter. Find peace of mind, Defend your Critical Infrastructure. http://www.tegataiphoenix.com/Received on Wed May 18 2011 - 23:45:21 PDT
This archive was generated by hypermail 2.2.0 : Wed May 18 2011 - 23:56:10 PDT