BBC News - The 'cyber-attack' threat to London's Olympic ceremony
igb at batten.eu.org
Mon Jul 8 10:52:51 BST 2013
How seriously can we take all this sort of stuff? It does seem remarkably convenient that, in the light of the PRISM (etc) revelations, GCHQ are suddenly purporting to open their files sufficiently to show us how it's a miracle that we aren't all strangled in our beds by cyber-criminals. If CIN utility systems are connected to the Internet, then the solution is not massive security measures at a whole-country level, the solution is removing CIN from the Internet and properly policing the airgap. Yes, that's not a 100% fix, as the broken bearings on some Iranian centrifuges will attest, and actually enforcing an airgap on geographically diverse equipment is a lot harder than it might at first sight appear. And the level of evidence --- which appears, from the cited story, to be at the "some people who had neither the capability nor the expertise nor the knowledge said they thought it might be a good idea to..." --- doesn't convince me that these risks are sufficient to support the solutions being proposed.
So far, the only case of a serious cyber-attack on CIN we know of is the Iranian centrifuge case, in which (so far as we can tell) massive state-actor resources were deployed against a broadly unprepared target in order to stop the functioning of one precise piece of equipment. Everything else is supposition and rumour. Is our CIN really at risk from cyber-terrorism? Where's the evidence?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ukcrypto