Re: Congress Alarmed At Cyber-Vulnerability Of Power Grid

[Jason Lewis <jlewis () packetnexus com>]

This reminds me of a Red Team scenario...totally fictious...maybe.

Red Team goes to Military base for pen test.  They are told to test the 
network and ignore the open wireless AP in the office of the base 
commander.  WAP is directly connected to base network and accessible 
from outside fence of said base.  Red Team tests WAP for basic network 
connectivity and notes that this is a major security hole and makes any 
other testing pointless.  Recommendation is to remove WAP or at least 
lock it down and attempt some basic security.  A year passes and the Red 
Team is back for the yearly assessment.  WAP is still in commanders 
office with the open access.

If any entity is truly attempting to make things more secure...these 
constraints have to go.  The biggest problem with the above Red Team is 
the lack of authority to start punishing people for security breaches.  
It will take a huge embarassing incident for that to change...and even 
then...the base commander will have the last word.  "Don't include the 
WAP in my office"  It seems a lot of government agencies have this 
problem, which is sad.

Matt Jonkman wrote:
> I may (or may not) have done a vulnerability assessment at TVA a few 
> years ago. Wasn't very productive. Let's just say that the constraints 
> for what we could and couldn't test were.... ummm... preposterous.
>
> But the routers were fine... :)
>
> Matt
>
>   

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.