[SCADASEC] Protect All Industrial Controllers, Stat!
Myrcurial
myrcurial at 100percentgeek.net
Thu Aug 28 09:08:42 CDT 2008

I had assumed that like all security professionals, members of this
list spent sufficient time in the seedier alleys of the internet so as
to be aware of as much as possible.

Just because the bad guys and the hackers are focussed on the wrong
attack methodology doesn't mean that they can't do bad things or that
they fail to have interesting or useful information.

Oh - and your search terms are as effective as mine, in fact, I was
just being sufficiently precise so as to ensure a perfect search
return. (Try it - you'd be surprised)

~M

On Thu, Aug 28, 2008 at 10:04 AM, Toecker, Michael
<mtoecker at burnsmcd.com> wrote:
> Now why would you search for "Boreas Vulnerability Checklist"? That
> wasn't in any of these emails.... "Boreas Firmware Vulnerability" would
> have been my search term if all I had seen was Kevin's email.
>
> Mayhaps you have already seen the advisory?
>
> Sincerely,
>
> Michael Toecker
> Control Systems Security Designer
> Compliance & Infrastructure Protection
> Burns & McDonnell Engineering
> 425 South Woods Mill Road
> Suite 300
> Chesterfield, MO 63017
>
> Office: 314-682-1545
> Cell: 615-948-6954
> www.burnsmcd.com
>
>
> -----Original Message-----
> From: scadasec-bounces at news.infracritical.com
> [mailto:scadasec-bounces at news.infracritical.com] On Behalf Of Myrcurial
> Sent: Thursday, August 28, 2008 8:56 AM
> To: scadasec at news.infracritical.com
> Subject: Re: [SCADASEC] Protect All Industrial Controllers, Stat!
>
> It's as public as it can be... Google's got it.
>
> http://www.google.com/search?q=boreas%20vulnerability%20checklist
>
> It appears that DHS leaks through the water isac. (wow, that was bad
> even for me...)
>
> The trick appears to be "do what?"
>
> ~M
>
> On Thu, Aug 28, 2008 at 9:47 AM, Toecker, Michael
> <mtoecker at burnsmcd.com> wrote:
>> Kevin,
>>
>> I've received this advisory as well. To answer your questions:
>>
>> 1. Yes, both advisories appear to be talking about the same
>> vulnerability.
>> 2. No, no discussion has taken place to my knowledge about this
>> vulnerability on this listserve. The advisories were released as DHS
>> "FOUO", which means that the information contained within the disclosure
>> cannot be released to the public, media, or other personnel without
>> valid need-to-know or DHS approval.
>>
>> Sincerely,
>>
>> Michael Toecker
>> Control Systems Security Designer
>> Compliance & Infrastructure Protection
>> Burns & McDonnell Engineering
>> 425 South Woods Mill Road
>> Suite 300
>> Chesterfield, MO 63017
>>
>> Office: 314-682-1545
>> Cell: 615-948-6954
>> www.burnsmcd.com
>>
>>
>> -----Original Message-----
>> From: scadasec-bounces at news.infracritical.com
>> [mailto:scadasec-bounces at news.infracritical.com] On Behalf Of Kevin
>> McGrath
>> Sent: Thursday, August 28, 2008 8:17 AM
>> To: scadasec at news.infracritical.com
>> Subject: [SCADASEC] Protect All Industrial Controllers, Stat!
>>
>> Howdy,
>>
>>> INDUSTRIAL CONTROLLER SYSTEM VULNERABILITY
>>
>> We received an 8/11/08 "Cyber Security Communique" from the AGA on 8/15
>> and today I get forwarded a NERC advisory with the below heading dated
>> 8/27/08:
>>
>>> INDUSTRY ADVISORY: ES-ISAC: "Boreas" Firmware Vulnerability
>>
>> 1) Are they talking about the same thing?
>>
>> 2) Has this been discussed here or elsewhere already & I may have missed
>> it?
>>
>> INL testing results seem to have generated at least the NERC alert.
>>
>> IMHO, both alerts seemed to be of a very general nature as in "check all
>> your controllers ASAP and do something".
>>
>> Thanks,
>> Kevin
>>
>>
>>
>>
>> ********************************************************************************
>> This e-mail and any files transmitted with it, are confidential to
>> National Grid and are intended solely for the use of the individual or
>> entity to whom they are addressed. If you have received this e-mail in
>> error, please reply to this message and let the sender know.
>>
>> _______________________________________________
>> To unsubscribe from this mailing list, please visit:
>> http://news.infracritical.com/mailman/listinfo/scadasec
>>
>> To review our usage policy, please visit:
>> http://www.infracritical.com/usage-scadasec.html