[R-390] Interesting part 2
Tisha Hayes
tisha.hayes at gmail.com
Wed Apr 8 22:44:32 EDT 2009
Sorry I hit send too early...
Not all networks are as secure as they should be. Some are quite vulnerable
but those of us who are working to secure infrastructure will not tell
anyone but the utility when we demonstrate an intrusion.
FERC has guidelines, NSA issues guidance, InfraGuard educates and informs.
It is a gigantic undertaking that will not be completely rwsolved for years.
Most attempts are inside jobs, fired or disaffected employees, the biggest
attempts are through the utility web site or billing system. The nightmares
involve physical access or SIGINT on an unsecured wireless network. There
ARE other governments who are always probing for openings.
If you have specific questions or comments contact me off the forum. There
are some white papers I can share without revealing too much.
Tisha Hayes, Technical Consultant, Communications, Control and Public
Infrastructure
More information about the R-390
mailing list