I wanted to wait to hear the reactions to the segment on 60 Minutes before commenting. If you missed it, see it here or read the transcript. Here are a few thoughts on the story.
- It is probably a net plus because 60 Minutes reaches an audience that might not be aware of the problem. Like many loyal blog readers, I received a number of emails from friends and family telling me about the segment.
- The team that wrote the story talked to a large number of people all over the control system security community, hunting for a new example of a cyber compromise of a critical control system: something with sizzle and some detail on who did it and how. I guess they were not successful. This is likely due to a combination of few actual known cyber attacks and a reluctance and/or legal restriction on those who know to share the information.
- Remember the infamous Donahue/CIA announcement that “we [CIA] have information that cyberattacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet.” The 60 Minutes segment asserted that the country that was attacked and affected was Brazil. The assertion was based on “several prominent intelligence sources”. There was no information on the attack. Was it an insider with access and credentials? Was it an attack from the Internet? Did they alter the process or DoS it? Did they pull out the power cord? There still is no actionable intelligence here.