Today the DHS ICS-CERT published a new white paper:
Destructive Malware. This is a brief overview of wiper (five types) and
multifunctional wiper (three types) malware. It provides a couple of paragraphs
to summarize the action of each malware type with a very brief recovery
summary.
This is not a technical level document; it is more of a
management overview designed to allow mid-level managers to understand the very
basics of what their technical personnel are talking about. Unfortunately, I
think that it misses its usefulness for this purpose by being too definitive in
its explanation of appropriate responses. It might lead non-technical managers
to unnecessarily question tech actions that do not fit the narrow parameters of
the actions suggested.
I also do not understand why this is being published by
ICS-CERT instead of US-CERT. While these malware may affect ICS operations,
they are not specifically ICS malware. If this had been published by US-CERT it
might reach a wider audience outside of the control system security community.