Re: "Fortune 1000 Companies Sending Spam, Phishing" (slashdot)

["Brian Loe" <knobdy () gmail com>]

On 3/30/07, Paul Vixie <paul () vix com> wrote:
> <SNIP>
> From the story: '...an IT
> engineer with American Electric Power, said the stock spam came from a
> bot-infected computer belonging to a contractor at one of its power generator
> plants.'"

That hits close to home in my new position - the government is
dragging a bit on getting its new regulations in order. Unfortunately
too, the regulations - or the preliminary guesstimate regulations - do
not go a long way in providing security as a whole but specifically
target systems involved in power production, black start systems and
other systems used in the direct management and monitoring of same.
That leaves out the most likely to be attacked admin-type systems. I
much prefer the DoD regulations though they may not go far enough
either.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.