AOH :: IS2023.HTM

Infrastructure Security Trapped at Dangerous Crossroads




Infrastructure Security Trapped at Dangerous Crossroads
Infrastructure Security Trapped at Dangerous Crossroads



http://securitywatch.eweek.com/disaster_planning/infrastructure_security_trapped_at_dangerous_crossroads.html 

By Matthew Hines 
eWEEK.com Security Watch
April 25, 2009

The red lights are flashing, the gates are coming down, the train is 
approaching, but traffic still hasn't moved out of the way.

IT systems, and their many inherent IT security vulnerabilities, have 
encroached the United States grid infrastructure to the extent that our 
most critical electrical, water, transportation and communications 
systems are likely already vulnerable to cyber-attacks that could 
produce disastrous results, top experts in the field maintain.

A panel of some of the most influential leaders in the arena of securing 
U.S. infrastructure systems from electronic assault painted a dire 
picture at the RSA Conference 2009 in San Francisco this week, warning 
that organizations operating in the utilities, manufacturing and 
telecommunications verticals, among others, need to address matters of 
IT security today.

"Many organizations in the grid industries have a large IT staffs, but 
they typically have small security teams, which speaks to the problems 
that we're having in identifying and responding to the types of threats 
that we're facing," said Jerry Dixon, a former U.S.-CERT Director who 
currently works for security research specialists Team CYMRU. "We're 
seeing a huge increase of probing looking for SCADA systems, mostly 
coming from Asia."

Makers of infrastructure-oriented technologies such as the Supervisory 
Control and Data Acquisition (SCADA) systems referenced by the expert, 
whose job at CERT involved performing security assessments for the 
federal government, are adding remote access features and ties to shared 
networks such as the Internet, making them more exposed to potential 
attacks.

[...]


--
LayerOne 2009, Information Security for the discerning professional. 
May 23-24 2009 @ The Anaheim Marriott in Anaheim, California 
Visit http://layerone.info for more information 



Site design & layout copyright © 1986-2014 CodeGods