My friend Dale Peterson interviewed me several days ago for his podcast series, and certainly the interview focused on Stuxnet. For all who take the effort to listen to the lengthy podcast, I apologize for appearing fuzzy – I was coming from a one-hour dentist appointment, couldn’t feel half of my face, and could still hear the sound of the driller in my head. Anyway since Dale had requested the interview some time ago, I didn’t want to reschedule.
One topic that Dale raised in the interview is the performance of DHS in the Stuxnet saga. Unfortunately I realized only afterwards what the simple reason for the anemic nonsense that DHS has published on the virus seems to be: Stuxnet is classified. However, they can’t tell you it’s classified, since this would be evidence for US participation in Stuxnet. It’s classified that it’s classified. Therefore, you see only those three bizarre ICS-CERT advisories that we have blogged about earlier.
They can’t even tell you about the real nasty vulnerabilities exploited by Stuxnet, such as the s7hkimdb.dll vulnerability in Simatic Manager that allows an attacker to execute arbitrary code and that, under different circumstances, would have received much more attention than some other vulns that ICS-CERT wants to print on your paper. They just CAN’T. But since they also can’t just hide away, they send out their best info warriors (McGurk, Lichtenfells) to feed the public with highly potent hypnotics: The damn DHS sales pitch that you have seen and heard so many times before. From previous experience, these guys know that 87% of the audience will have dozed off even before they reach the part with the flyaway teams. Now with the understanding that they can’t do any better even if they wanted to, I will stop blaming them. Apologies to Sean for having been rough on him.
One other thing: At the end of the interview, I mention that I was shocked to see Dale cancel S4, his high profile annual conference. This was not just to do Dale a favor, it was in all honesty. I believe right now we need S4 more than ever, and I hope that Dale will be able to resume the tradition soon. When that happens, I hope to see many blog readers in Miami. I will certainly be there.
Ralph Langner