Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
United States Security Your Rights Online

DHS Mistakenly Releases 840 Pages of Critical Infrastructure Documents 50

wiredmikey (1824622) writes The Operation Aurora attack was publicized in 2010 and impacted Google and a number of other high-profile companies. However, DHS responded to the request by releasing more than 800 pages of documents related to the 'Aurora' experiment conducted several years ago at the Idaho National Laboratory, where researchers demonstrated a way to damage a generator via a cyber-attack. Of the documents released by the DHS, none were related to the Operation Aurora cyber attack as requested. Many of the 840 pages are comprised of old weekly reports from the DHS' Control System Security Program (CSSP) from 2007. Other pages that were released included information about possible examples of facilities that could be vulnerable to attack, such as water plants and gas pipelines.
This discussion has been archived. No new comments can be posted.

DHS Mistakenly Releases 840 Pages of Critical Infrastructure Documents

Comments Filter:
  • by slapout ( 93640 ) on Wednesday July 09, 2014 @09:53AM (#47415381)

    "Mistakenly" Sure...

  • by Joe Gillian ( 3683399 ) on Wednesday July 09, 2014 @09:55AM (#47415421)

    From what the article shows, it seems like a lot of this information is public knowledge - where substations and water plants are and how they operate. Pretty much everyone in my town knows where the local substations are, and it doesn't take a genius to know that an attack that disables or destroys a substation would have a massive impact on the people living there. None of these documents appear to be classified, which means they don't contain anything that DHS was afraid of the general public knowing.

    It would be a different story if these were classified documents containing things like the floor plans for nuclear plants and gaps in security at said plants that could actually be useful in an attack, but this seems like a non-story other than that DHS's FOIA officer got lazy and just CTRL+F'd for "Aurora" and blindly copied anything with that word in the name.

    • by Mr D from 63 ( 3395377 ) on Wednesday July 09, 2014 @10:12AM (#47415589)
      Yes, I think the article would more aptly be entitled, "DHS Releases Documents that Weren't Requested".
      • by Anonymous Coward
        To be fair, that in itself is news too.
    • The documents aren't critical. The infrastructure it refers to is.

    • by k6mfw ( 1182893 )

      Pretty much everyone in my town knows where the local substations are

      maybe remove these from maps both printed and Google? Yes it's ridiculous but I'm sure these ideas are kicking around. I read someplace that shortly after 9-11, some cities removed addresses of fire department stations because they felt if terrorists knew where these are they can disrupt first responders.

      • You are correct, it does sound ridiculous. However, a lot of things sound that way in today's world.

        Maybe the FBI and NSA couldn't use the monitoring they are doing on Americans to find people looking for this stuff in some attempt to find a terrorist cell so they released them to narrow down their search (either by looking closer at those who download it or those who don't but searched for it previously).

        As for first responders, You can always know where first responders are by creating an accident that r

  • by bluegutang ( 2814641 ) on Wednesday July 09, 2014 @09:56AM (#47415431)

    that nothing can be kept secret anymore? Whatever you want not to be exposed, whether diplomatic communications or technical documents or "intellectual property", will eventually reach the internet either by whistle-blowing or human error? And once it reaches the internet, if anyone cares about it then it will be perpetuated forever?

    There are advantages to such a situation, of course, but also disadvantages.

    • by DoofusOfDeath ( 636671 ) on Wednesday July 09, 2014 @09:59AM (#47415469)

      that nothing can be kept secret anymore?

      It's hard to say, because in general we don't know about the things that have remained secret. We know the numerator, but not the denominator.

    • by Creepy ( 93888 )

      There is no such thing as whistle blowing in the US, since the US classifies giving classified information to "someone that is not supposed to have it" as treason under the Espionage Act of 1917.

      And it isn't just whistle blowing - the White House recently committed treason by exposing the CIA operative in Afghanistan, for instance (and then said "whoops"). Note that the White House decided not to prosecute itself, just as it chose not to prosecute Dick Cheney and Richard Armitage for the same crime (in Plam

    • No, I don't. I get the impression that these documents were freely available, unclassified, public information. Or was DHS really trying to keep the location of that big-ass power substation down the street from me a secret?

    • This principle used to be called "information wants to be free", but then, people with poor language skills started shouting that information can't want anything.
      • 'Information wants to be free' is just a badly constructed wannabe-meme similar in quality to Apple's 'Think Different' slogan. Basically, it's the kind of drivel marketing types who dropped too much acid in college come up with.

        Why would anybody claim that the people who point this out have 'bad language skills'?

        • Because "fortune favors the bold" or "justice is blind" belong to the same category, and nobody objects against those? And I don't think the ancient peoples were dropping acid in college.
    • by ewieling ( 90662 )
      My hope is the "do-baders" spend so much time keeping things secret they have difficulty "doing bad".
  • by PortHaven ( 242123 ) on Wednesday July 09, 2014 @10:15AM (#47415605) Homepage

    Er...ya...or something.

  • You see, those dept.'s want even more of your money, and what with terrorists keeping quiet these days and the extremists
    being ID''ed by whether or not they read Linux Journal, the DHS, TSA, NSA and any other acronym that's got the coveted 'S',
    are starting to look pathetic.
    Can't have that!

  • Recall the inadvertent Gmail [slashdot.org] slip, and the doctor SSN [slashdot.org] fail ...

    Buy then books and send them to school and they bite the teacher.

  • IRS (Score:5, Funny)

    by MouseTheLuckyDog ( 2752443 ) on Wednesday July 09, 2014 @12:15PM (#47416771)

    Were the missing IRS emails in there?

    • by Ksevio ( 865461 )
      The IRS isn't a critical infrastructure so that seems unlikely. The recently lost ones were on a hard drive that died so it's even more unlikely the DHS stole a copy.
  • Mistake? Suure... (Score:4, Insightful)

    by WegianWarrior ( 649800 ) on Wednesday July 09, 2014 @12:51PM (#47417085) Journal

    Step one: Release a bunch of 'critical' documents by 'mistake'.

    Step two: Twiddle thumbs while terrorists / criminals abuse information released in step one.

    Step three: Point to attack in caused by step two, argue that DHS should be exempt from FOI Request because 'national security'.

    Step four: DHS can do anything they like without the public oversight.

  • There's nothing mysterious about this. The problem is that if someone gets control of circuit breakers for large rotating equipment, they may be able to disconnect it, let it get out of sync, and reconnect it. This causes huge stresses on motor and generator windings and may damage larger equipment. This is a classic problem in AC electrical systems. [ieee.org] A more technical analysis of the Aurora vulnerability is here. [selinc.com]

    The attack involves taking over control of a power breaker in the transmission system, one tha

  • Does anyone have a better link to the document to download and view? The browser on that Muckrock site is supremely annoying.

C'est magnifique, mais ce n'est pas l'Informatique. -- Bosquet [on seeing the IBM 4341]

Working...