Dr. InfoSec's Quotes of the Week (006)

Monday, August 09, 2010

Christophe Veltsos


SmartGrid's Off-Switch

"We’re about to acquire a significant new cyber-vulnerability. The world’s energy utilities are starting to install hundreds of millions of ‘smart meters’ which contain a remote off switch. Its main purpose is to ensure that customers who default on their payments can be switched remotely to a prepay tariff; secondary purposes include supporting interruptible tariffs and implementing rolling power cuts at times of supply shortage.  The off switch creates information security problems of a kind, and on a scale, that the energy companies have not had to face before. From the viewpoint of a cyber attacker – whether a hostile government agency, a terrorist organisation or even a militant environmental group – the ideal attack on a target country is to interrupt its citizens’ electricity supply. This is the cyber equivalent of a nuclear strike; when electricity stops, then pretty soon everything else does too. Until now, the only plausible ways to do that involved attacks on critical generation, transmission and distribution assets, which are increasingly well defended.  Smart meters change the game. The combination of commands that will cause meters to interrupt the supply, of applets and software upgrades that run in the meters, and of cryptographic keys that are used to authenticate these commands and software changes, create a new strategic vulnerability..." -- From the abstract section of a paper by Ross Anderson and Shailendra Fuloria entitled "Who controls the off switch?"

Dealing with Today's Threats

"You have to assume they're going to get in... So, the art form here [i.e. dealing with the current attack landscape] is to figure out who's in your network, good or bad, figure out what they're doing, identify whether it is consistent with or contrary to all the policies you have to put in place to protect all of your information and systems. And, finally, once you determine if somebody is in there and doing something that you don't like ... figure out how to stop it, and figure out how to stop it quickly so that they don't do more than acceptable levels of harm. That's a new model; that's an entirely new prospect, and it requires new kinds of skills, new monitoring and controls technologies and new kinds of responses..." -- Preston Winter, former NSA CIO

FBI AD on Cyber-Underground

"The potential for considerable profits is enticing to young criminals, and has resulted in the creation of a large underground economy known as the cyber underground. The cyber underground is a pervasive market governed by rules and logic that closely mimic those of the legitimate business world, including a unique language, a set of expectations about its members’ conduct, and a system of stratification based on knowledge and skill, activities, and reputation.  One of the ways that cyber criminals communicate within the cyber underground is on website forums. It is on these forums that cyber criminals buy and sell login credentials (such as those for e-mail, social networking sites, or financial accounts); where they buy and sell phishing kits, malicious software, access to botnets; and victim social security numbers, credit cards, and other sensitive information. These criminals are increasingly professionalized, organized, and have unique or specialized skills..." -- Gordon M. Snow, Assistant Director, U.S. Federal Bureau of Investigation

State of Security

"Security technology and practice have advanced quite a bit in the past few years, but one thing that has become clear is that whatever gains have been made are just not keeping pace with the innovation of attackers. The advances being made by malware authors and crimeware gangs are keeping them well ahead of the curve and will continue to do so for the foreseeable future...  While money has been the main driver for targeted attacks for some time now, recent developments have shown that attackers are now intent on keeping control of a compromised system for as long as possible and they're finding new and interesting ways to stay hidden all the time..." -- Dennis Fisher, editor at Threatpost.com

Hayden on Cyber

"You guys made the cyber world look like the north German plain, and then you frak and moan because you get invaded. We all get treated like Poland on the web, invaded from the west on even-numbered centuries, invaded from the east on odd-numbered centuries.  The inherent geography of this domain – everything plays to the offense. There's almost nothing inherent in the domain that plays to the defense. That really affects how you think about it when you're a GI..." -- Michael Hayden, retired General, former head of CIA & NSA

Cyber-Crime & 0-Day Flaws

"The cybercrime ecosystem continues to thrive without the need for zero day flaws, and it will continue to as long as millions of end users continue getting exploited with 6+ months old flaws..." -- Dancho Danchev, writing for ZDNet

Cross-posted from Dr. Infosec 
