Still scared for SCADA?Well, since Stuxnet, I suppose we should be concerned, if not scared.
The sky hasn't fallen, and there are plenty of very silly scaremongering stories around, but we can never write off stories about infrastructure attacks as science fiction again, as if it could only happen in a Tom Clancy novel or a James Bond movie, and SCADA is very much part of that.
I don't claim to be any sort of expert on SCADA (though, for a while, Stuxnet certainly occupied a heck of a lot of my working hours: See our report "Stuxnet Under the Microscope" and any number of blog posts, including these).
Nonetheless, earlier this year, I got to present on the topic at the Infosecurity Europe expo in the U.K. There isn't a paper to go with that, but the presentation, complete with speaker notes, is now posted on the ESET white papers page as: "Infrastructure Attacks: The Next Generation?"
And, of course, I keep an eye on threads and events relating to that area. Here are a couple of conferences scheduled for the autumn that may be of interest to you:
- Joe Weiss has posted information on the ACS 2011 ACS Control System Cyber Security Conference in Washington, D.C. (Sept. 20-22)
- There is also information on the Industrial Control Systems Joint Working Group (ICSJWG) 2011 Fall Conference (Oct. 24-27 in Long Beach, Calif.)