AOH :: IS1365.HTM

The Importance of 24x7 Event Monitoring in Process Control Systems

The Importance of 24x7 Event Monitoring in Process Control Systems
The Importance of 24x7 Event Monitoring in Process Control Systems

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

Content-Transfer-Encoding: QUOTED-PRINTABLE

By Matt Luallen and Steve Hamburg of Encari
November 12, 2008

Well, I (Steve here) finally succumbed to my temptation and saw the 
blockbuster hit Eagle Eye. ( and I=E2=80=99ll do my best 
not to ruin this movie in the event that you have not yet seen it while 
trying to make the key point of this blog.

Eagle Eye is based on the premise that someone, well in actuality, 
something (okay, I=E2=80=99ll stop with the hints) has extensively hacked into 
the power grid. While watching the movie, you=E2=80=99ll witness remote control 
of public transportation systems, cranes, demolition equipment, 
electricity transmission lines, etc. While the extent of exposure 
conveyed in the movie is quite far fetched, it does bring up a very 
important consideration: What are you doing in regards to your event 
monitoring operations?

In Eagle Eye, several severe breaches transpired before any one involved 
in several of our critical infrastructures became aware that such 
breaches had occurred. Further, a considerable amount of time following 
the point at which the breaches became known elapsed before the root 
cause of the breaches was identified. Pursuant to my previous 
consideration, it is critical to understand the implications associated 
with SCADA and process control systems security.

Unlike several professions, many aspects of critical infrastructure 
operations and other business operations involving SCADA and process 
control systems can be life threatening if a security breach occurs. For 
example, what could happen to a patient receiving radiation therapy from 
a device that is accessible from within a hospital=E2=80=99s wireless network? 
What could happen to passengers in a subway if the operations of the 
rail system were somehow overtaken by malicious parties? Similar 
questions are numerous.


Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Visit the InfoSec News Security Bookstore
Best Selling Security Books and More! 

Site design & layout copyright © 1986-2014 CodeGods