"the new question for Washington DC is whether DHS is prepared for Iranian counterstrikes in cyberspace."
Of course not and the political masters answer will be to try and take oversight of the private sector (as that's easier) than enforcing FISMA and strengthening internal federal oversight of security controls.
Posted by Peter Thoenen at June 25, 2012 02:20 PMhttp://www.telegraph.co.uk/news/uknews/law-and-order/9399014/Destroy-our-cyber-enemies-say-MPs.html
Destroy our cyber enemies, say MPs.
So our MPs want to put Britain in the firing line.
Posted by darren at July 17, 2012 04:16 PMThe people that run these SCADA systems for critical industrial controls rarely have a computer security mindset. They're engineers, and to them computers and computer networks are just another tool, not their main focus, so they really haven't the foggiest idea and they don't really care how stupid it is to control all that expensive equipment from a PC connected to the internet running a commodity operating system not known for its security, much less set it up for remote-desktop access from who knows where with a password typical of the average user.
You really don't want to leave these systems accessible to some hacker who thinks it's funny to destroy a municipal sewage pump station or turn a traffic signal green all four ways during rush hour, but it took the ignorance to a whole new level when they knew good and well that major nation-states didn't want them to be doing what they were doing, and yet they still didn't have basic security controls in place.
That was an expensive lesson for the Iranians, and rather a waste for us, because somehow I don't think it will be so easy to hack their centrifuges again, and just wait till Iran has nukes if you think gas is expensive now.
Posted by justin at August 13, 2012 10:58 PM