Skip to main content

Episode #36 Timmy is in the well... Nope that's Sodium Hydroxide

This week we saw an attack against a city water system, in an attempt to poison the drinking water.

Many of us have been warning about this for years.


How did this happen? 
It must have been the work of sophisticated nation state attackers, it has to be hard to hack a water treatment plant because you know, people could die if that happened. 
The people in charge must take extra precautions, and have really good security practices in place to keep our drinking water safe. They must have been unable to prevent or avoid this attack.


These are all things that we hope would be true, unfortunately the reality of what actually happened is far more disturbing.   

(Channeling my inner security Yoda) Sophisticated this attack was not, difficult to pull off was it not,  prevented could have been, security basics lacking they were, practice good they did not.

What happened was a multitude of failures in requiring and implementing the most basic and foundational of security controls. 

We have reached a point in our technology journey as a society, that we need to pause for one moment and take stock of the giant mess we have created. 

We need to figure out what minimum safety standards are needed for critical infrastructure. 

We need to ask ourselves should the things that can kill us be connected to the internet in the first place?

Knowing that the security posture of the affected water treatment plant, borders on gross and willful negligence, what should the legal and criminal consequences be for those who made these shit decisions in the first place.

It's 2021 and computers can kill you, so let's act accordingly.  

We will be discussing this and more tonight on the Security Shit Show, join us for what is guarantied to be a lively discussion, and you never know Chris may do some show and tell as well. 

Join us tonight on YouTube at 10PM Central 21:00 Mountain  https://www.youtube.com/watch?v=iIbMHTxpkYE


Comments

Post a Comment

Popular posts from this blog

Episode One is On!

We're ready to roll! The first episode of the Security Shit Show is scheduled for this Thursday at 10pm CDT. It's sure to be good entertainment watching three information security "experts" shootin' the shit about some information security topic that's bound to get one (or all) of us riled up. We're live streaming our episodes on YouTube, so if you're looking for some Thursday night entertainment, grab a drink and listen in. The YouTube live stream show link is here;  https://youtu.be/Rg0_piBPLus The recordings, both video and audio will be posted shortly after the live show, so look out for those too.
Post a Comment
Read more

Killer Robots? Oh Shit.

If you missed last week’s episode, the Security Shit Show crew tackled the difficult discussion about morals and ethics. There are two ways to treat you ears and/or eyes (not likely) to Episode #5, "Moral and Ethical Shit in a Shitty World" : YouTube (video) Podcast (audio) It was an really good episode. A little bit of shit-slinging, but mostly just great discussion and opinion. If you like our shit, you should subscribe to our shit. Subscribe on YouTube or whatever your favorite podcast thingy is. Rumor has it, the shit will only get better and better! Episode #5 - Killer Robots? Oh Shit. Alright, we’re ready for the next episode of the Security Shit Show! Shout out to a helpful (and maybe even loyal) viewer Robert Hodges for calling our attention to a neat article titled “ Should 'Killer Robots' Be Banned? ”. Do killer robots sound like a good idea to you? Think about it... Certainly, Chris, Evan, and Ryan will have a few things to say about the topic.
1 comment
Read more

What's the Security Shit Show?

If you don't want your life to stink, quit standing in shit. The Security Shit Show is a podcast that three friends put together; Ryan Cloutier, Chris Roberts, and Evan Francen. We're information security veterans (some call us "experts") with more than 70 years of combined experience who have a lot of shit to get off our chest. The information security industry isn't all hunky-dory; we're doing a lot of things wrong and people are suffering because of it. You can be the "fly on the wall" or you can interact with us. Ultimately, this is your call. Here's the lowdown for our show... Name The Security Shit Show You can take this name two ways; either we're calling security a shit show, or we're discussing security shit on the show. The answer is "yes". Purpose Provide people with the real shit going down in our industry, and always discuss ideas about what people can do to make things better. This is not a
Post a Comment
Read more