Thursday Morning Scary Read
Nancy Bartels driving the blogging machine here this morning. I am not by nature an alarmist, and I tend to ignore headlines that say (or imply) "OMG, we're all going to die!" On the other hand, when you smell smoke in the kitchen for longer than a couple of minutes, it can't hurt to assume something more than the toast is burning. Which brings us to this link from Dark Reading. http://www.darkreading.com/advanced-threats/167901091/security/attacks-breaches/232600345/utilities-facing-brute-force-attack-threat.html
For me, the money quote comes well down in the article, "The SCADA industry isn't mature enough to place their products on the Internet," This from H.D. Moore, chief security officer at Rapid7, a vulnerability management and testing company out of Boston.
Given the amount of hype generated by vendors (aided and abetted by us media types) over Internet connectivity and "the cloud," this kind of talk should make your breakfast settle a little uneasily. The fight to keep your automation systems exclusively in a walled garden in the strictest sense has probably been lost, but if you haven't been paying very close attention to your security, you'd better start. I think there's more than toast burning out there.