funsec mailing list archives
Re: Foul
From: Robert Graham <robert_david_graham () yahoo com>
Date: Mon, 9 Nov 2009 20:30:27 -0800 (PST)
From: Paul Ferguson <fergdawgster () gmail com>

No that I have watched the 60 Minutes episode in question, I can't speak to the Energy Grid issues -- but I can speak to all of the other cyber crime issues mentioned. They are all true, even minimized.
I, too, was surprised by the low number. We've been involved in cases, with the FBI totaling more than $100-million so far this year. However, they succeed in unwinding most of the transactions, and recover most of the money, so I'm guessing that $100-million is money that was stolen but could not be recovered. BTW, it's Russia and the Ukraine.
If you think that these sophisticated criminals cannot use the same techniques against ICS/SCADA infrastructure...
They can. I have. It's easy. I gave a presentation with (sanitized) results from hacking into the power grid:

http://www.blackhat.com/presentations/bh-federal-06/BH-Fed-06-Maynor-Graham-up.pdf

The thing is, though, we are in far greater danger from accidental failures, or from the Chinese/AlQaeda strategically placing bombs on the grid. Yet, hackers are the least understood, and like witches, the most feared. Unethical journalism, like the 60 Minutes story, just stokes those irrational fears, which is unlikely to result in any rational outcome.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.