In this episode of the podcast (#162): according to the nonprofit that oversees it, the first disruptive hack of the U.S. grid happened in March of this year. Our guest, Joe Weiss, said it really happened more than a decade ago and that hundreds more like it have been overlooked or misclassified. Also: Rachel Stockton of the firm LastPass* joins us to talk about changing users' troublesome password behavior to make companies more secure.
The North American Electric Reliability Corp. (NERC) imposed its stiffest fine to date for violations of Critical Infrastructure Protection (CIP) regulations, citing scores of violations. But who violated the standards and much of what the agency found remain secret.
Hackers believed to be affiliated with a nation-state hacked into emergency shutdown systems at a facility in the Middle East. The attack seemed intended to “cause a high-impact attack with physical consequences,” according to reports from a number of cyber security firms.
A new joint FBI-DHS report dishes the dirt on recent sophisticated attacks targeting the US energy grid and critical infrastructure, saying the attackers used third-party firms and web sites to gain access to energy and other critical infrastructure networks. It also names a sophisticated hacking group believed to be linked to the government of Russia.
In-brief: is it ever the case that things happen that “nobody saw coming”? Our guest on this week’s podcast would say “no.” He is Richard Clarke, a former National Coordinator for Security, Infrastructure Protection and Counter-terrorism for the United States and a veteran of four administrations, from President Ronald Reagan through to President George W. Bush. We talk about modern-day Cassandras: people who are warning about looming catastrophes, mostly in vain.