eWeek ate my hamster

January 17, 2013 Leave a comment Go to comments

Last summer I interviewed Space Rogue and did a story on his history of security hype: A cyber terrorist ate my hamster.

I must now report that the process is alive and well, courtesy of eWeek.

Over the last couple of days the media has been full of a story about two virus outbreaks in US scada installations. eWeek is clear in its own story USB Storage Drive Loaded With Malware Shuts Down Power Plant:

The U.S. Computer Emergency Readiness Team reports that a U.S.-based power generating facility was shut down after a contract employee introduced malware into the turbine control systems and into engineering workstations. The contractor routinely used his USB drive to perform updates on control systems as well as workstations in the power plant.

I would just like to point out, very politely, that this is what is known in polite circles as a ‘lie’. ICS CERT did not say that.

I covered this story in Infosecurity Magazine way back on January 4: The lessons of Shamoon and Stuxnet ignored: US ICS still vulnerable in the same way.

The truth is less dramatic than eWeek suggests – although dramatic enough. The virus was discovered while the system was in a scheduled shutdown. It delayed its restart, it did not cause its shutdown. But that’s far less dramatic and far less worrying…

The next stage in the security hype process is for politicians to seize on the eWeek story to justify the need of the next draconian piece of anti-terrorist cyber legislation, or the next exponential increase in some LEA’s budget request. Journalists really should read what they talk about before they talk about what they haven’t properly read.

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s