[ISN] SCADA hack talk canceled after U.S., Siemens request

From: InfoSec News <alerts_at_private>
Date: Thu, 19 May 2011 01:45:21 -0500 (CDT)
http://news.cnet.com/8301-27080_3-20064112-245.html

By Elinor Mills 
InSecurity Complex
CNet News
May 18, 2011

Two researchers say they canceled a talk at a security conference today 
on how to attack critical infrastructure systems, after U.S. 
cybersecurity and Siemens representatives asked them not to discuss 
their work publicly.

"We were asked very nicely if we could refrain from providing that 
information at this time," Dillon Beresford, an independent security 
researcher and a security analyst at NSS Labs, told CNET today. "I 
decided on my own that it would be in the best interest of security...to 
not release the information."

Beresford said he and independent researcher Brian Meixell planned on 
doing a physical demonstration at the TakeDown Conference and shared 
their slides and other information on vulnerabilities and exploits with 
Siemens, ICS-CERT (Industrial Control Systems Cyber Emergency Response 
Team), and the Idaho National Lab on Monday.

A DHS official provided this statement: "DHS' Industrial Control Systems 
Cyber Emergency Response Team (ICS-CERT) frequently engages with 
industry partners and members of the cybersecurity community to share 
actionable vulnerability information and mitigation measures in an 
effort to better secure our nation's critical infrastructure. In this 
collaboration, DHS always prioritizes the responsible disclosure of 
vulnerability information, while concurrently providing actionable 
solutions and recommendations to better secure our nation's 
infrastructure. This responsible disclosure process does not encourage 
the release of sensitive vulnerability information without also 
validating and releasing a solution."

[...]


___________________________________________________________      
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Received on Wed May 18 2011 - 23:45:21 PDT

This archive was generated by hypermail 2.2.0 : Wed May 18 2011 - 23:56:10 PDT