[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[infowar.de] Energy Sector ISAC Update

To: "Infowar.de" <infowar - de -! - infopeace - de>
Subject: [infowar.de] Energy Sector ISAC Update
From: Ralf Bendrath <bendrath -! - zedat - fu-berlin - de>
Date: Thu, 28 Feb 2002 14:51:24 +0100
Organization: http://www.fogis.de
Reply-to: infowar - de -! - infopeace - de
Sender: bendrath -! - zedat - fu-berlin - de

Infowar.de, http://userpage.fu-berlin.de/~bendrath/liste.html
-------------------------------------------------------------

Das Information Sharing and Analysis Center des Energiesektors in den
USA existiert schon seit November. Hier ein Update zu Plänen und
Problemen. Es gibt immer noch große Bedenken, die Informationen auch
staatlichen Stellen mitzuteilen.
RB

http://www.computerworld.com/storyba/0,4125,NAV47_STO68585,00.html

Energy firms move to thwart cyberattacks

Industry Information-Sharing and Analysis Center prepares for widespread
initiative 

BY MICHAEL MEEHAN (MICHAEL_MEEHAN -!
- COMPUTERWORLD -
 COM)
(February 25, 2002) 
Energy industry giants are preparing to make a major push into the
information-sharing arena, hoping that a sophisticated alert system will
protect the nation's critical fuel infrastructure from physical assaults
and cyberattacks. 

Following a model used in the financial services and high-tech
industries, oil and gas companies have formed the Energy Information
Sharing and Analysis Center (ISAC). The center began operating in
November among founding members, including Conoco Inc., Duke Energy
Corp., ChevronTexaco Corp. and BP PLC. The group intends to push the
center as an industry-standard defense mechanism. 

"Maintaining the integrity of those [IT] systems has become an
increasing concern in our industry," said Bobby Gillam, manager for
global security at Houston-based Conoco. "We have to make sure that our
critical infrastructure is protected from both cyber and physical
threats." 

Daily Threats 

Sarah Jensen, manager of enterprise IT security at Charlotte, N.C.-based
Duke Energy, said that each day, her division tackles threats caused by
faulty technology or inadvertently exposed applications, creating the
need for round-the-clock vigilance. 

"I'd like to grow the ISAC so it makes my job easier," Jensen said. "My
goal is to create one-stop shopping. Right now, I've got my staff
checking all these different agency and vendors' sites looking for
information." 

Predictive Systems Inc. in New York has been tapped to run the ISAC on a
Unix server farm in Reston, Va. 

Anish Bhimani, chief technology officer at Predictive Systems, said that
previous ISACs the company has run on behalf of the financial services
industry and foreign countries have allowed users to post anonymous
information and receive classified alerts. 

Alerts can be labeled "normal," "urgent" or "crisis-level." Bhimani said
a tip received two weeks ago gave ISAC members a head start on tackling
flawed Simple Network Management Protocol (SNMP) installations. Last
week, Computerworld reported on a warning that hundreds of hardware and
software products with built-in support for SNMP are vulnerable to
attack (see story,
http://www.computerworld.com/storyba/0,4125,NAV47_STO68438,00.html). 

"Every hour counts in these situations," said Bhimani. 

While ISACs do a good job of disseminating alerts from government
agencies, energy firms will need to rethink how their IT infrastructures
push information out to the rest of the industry, said Gillam. 

Mark Evans, CIO at San Antonio-based oil refiner Tesoro Petroleum Inc.,
noted that it's difficult to draw information from the Supervisory
Control and Data Acquisition systems that run the operations of most oil
and gas companies. 

"For a long time, we've been unable to share that information within our
own company," Evans said. "That's really the first step." 

Gillam said companies will likely be reluctant to share incident
information with federal authorities unless the government can ensure
the privacy of that information. 

Bhimani said real-time IT capabilities?as well as confidence that shared
information can be kept confidential?will be critical. 

"Right now, we get a lot of, 'Here's what happened, and here's what we
did about it' submissions, as opposed to, 'Something just
happened?everybody duck' warnings," he said. "To get to that next step,
it's going to require some physical and cultural changes in the
industry." 

Founding members of ISAC also plan to establish an IT best-practices
list so that users will be able to turn the information into action. 

Related stories: 

Telecom infrastructure an open book, Feb. 11, 2002 
http://www.computerworld.com/storyba/0,4125,NAV47_STO68182,00.html

Energy, nuclear infrastructure exposed, Feb. 11, 2002 
http://www.computerworld.com/storyba/0,4125,NAV47_STO68183,00.html

Utility companies face barrage of cyberattacks, Jan. 21, 2002 
http://www.computerworld.com/storyba/0,4125,NAV47_STO67581,00.html

---------------------------------------------------------------
Liste verlassen: 
Mail an infowar -
 de-request -!
- infopeace -
 de mit "unsubscribe" im Text.

Prev by Date: [infowar.de] Re: und noch mehr OSI-Kritik
Next by Date: [infowar.de] zwei Gesetze zu Cybercrime/-sicherheit beschlossen im US-Repräsentantenhaus
Previous by thread: [infowar.de] OSI is tot
Next by thread: [infowar.de] zwei Gesetze zu Cybercrime/-sicherheit beschlossen im US-Repräsentantenhaus
Index(es):
- Date
- Thread