Bridget O’Grady over at the Association of State Drinking
Water Administrators has published a link on the ASDWA’s
Security Notes web site to a new FBI/DHS handout on Potential
Indicators of Cyber Threats to Industrial Control Systems. It’s nice to see
the FBI and DHS cooperating on ICS security issues, but I hope this hand out is
not an indicator of the quality of their collaborative work.
To be sure, for a one page handout this does a fairly good
job of presenting interesting information about the threat to ICS security. The
limited list of potential threat indicators does provide a start to awareness,
but it is hardly comprehensive. It also assumes a level of security awareness (eg:
no explanation what a ‘targeted phishing email’ is) that may not be
appropriate.
They probably could have done without the “How Do They Work”
section as it doesn’t provide much in the way of information about threat
indicators. The space could have been put to better use describing some recent
attacks.
The biggest problem with this hand-out is that it is
obviously a draft that should never have seen publication. The contact
information for the FBI’s Cyber Task Force is completely missing.
If anyone has seen a more properly vetted version of this
sheet, please let me know. It’s not much but it could be of some limited use in
communicating information to people in the control system community.
Posts
1 comment:
FYI, this looks like a bogus flyer. The FBI contact info is all XXXX's.
Post a Comment