[LINK] CIA Admits Cyberattacks Blacked Out Cities

Richard Chirgwin rchirgwin at ozemail.com.au
Tue Jan 22 09:48:06 AEDT 2008 

Wow ... I love the gap between the scary headline and the very thin 
detail in the CIA statement:

"We have information, from multiple regions outside the United States, 
of cyber intrusions into utilities, followed by extortion demands. We 
suspect, but cannot confirm, that some of these attackers had the 
benefit of inside knowledge. We have information that cyberattacks have 
been used to disrupt power equipment in several regions outside the 
United States. In at least one case, the disruption caused a power 
outage affecting multiple cities. We do not know who executed these 
attacks or why, but all involved intrusions through the Internet."

Let's disassemble the statement:
> We have information, from multiple regions outside the United States, 
> of cyber intrusions into utilities, followed by extortion demands.
..."information" is, in CIA-speak, a different creature to 
"verification". It means "someone said something happened".
> We suspect, but cannot confirm, that some of these attackers had the 
> benefit of inside knowledge.
Note the "cannot confirm"...
> We have information that cyberattacks have been used to disrupt power 
> equipment in several regions outside the United States.
..."Information" again... remember that it was "information" that gave 
the world WMD and Iraq.

> We do not know who executed these attacks or why, but all involved 
> intrusions through the Internet.
There is one positive, unequivocal statement made in the whole thing: 
"all involved intrusions through the Internet". In the absence of any 
other fact, how in the world can that last statement be supported?

Of course, anybody who exposes a critical SCADA system to any 
Internet-connected network, even indirectly, is a brain donor. But 
scare-mongering like this is designed for the Information Week Google 
hit-counter.

RC


David Boxall wrote:
> Here we go again.
>
> <http://www.informationweek.com/story/showArticle.jhtml?articleID=205901631&cid=RSSfeed_IWK_All> 
>
>
> " Citing two Government Accountability Office reports on SCADA 
> security, Paller said that people have been adding wireless and 
> Windows to SCADA systems without really thinking about security. 
> "They're gotten radically unsafe," he said."
>

More information about the Link mailing list