Monday, January 21, 2008

Fear mongering?

.. or the future?

Having been involved in information security in the past and in the present I have looked at things hackers (or rather crackers) can do to systems, this cames as no real surprise.

CIA
Hackers to Blame for Power Outages

This is nothing new in that it is only just possible to do these kind of things. It was something that was bound to happen some time. All public services or institutions should be aware that they can be a target for these types of criminals. If your services can be disrupted and that would harm you or your customers (and they will seek compensation from you!), then it is interesting for a cracker to blackmail you. When that time comes you better be prepared for that.

Banks and most financial institutions are already aware of this risk and have all kinds of security measures in place. Not just digital (firewalls and the like), but also physical (good locks and entrance badges) and more importantly they propagate awareness amongst their staff: the weakest link of the security chain. Social engineering almost always does the trick.

But not only the financial sector should have a defense in place: all utility firms should be ready. Apparently that is not the case.

But is the situation really that bad

However, I have my doubts about the press release. There is no real information. No specific events are mentioned. It creates fear amongst people, without real evidence.

Does the CIA want more money? That is the feeling I get from this news.

But then again, I do feel that there is a real risk for utility companies and that they really should prepare. They should put security measures in place. Or learn the hard way. If you don't build it, they will come!