Amid the expected "folks are using SCADA incorrectly" and so and so industry/government agency is completely clueless, Joe says:
Come see this year's Integrated Cyber Exercise II (ICE II) October 1-3 at SANS Network Security 2008 ICE II will feature Paul and Larry of pauldotcom.com in a Hacker throw-down to see who is the best network attacker and defender. Paul and Larry will each have a major network to defend while they also attack each other. The event is open to all SANS Las Vegas attendees. Players can pick a side, defend their own network, attack at will or view and snipe from a distance. This year's event will feature more hardware including VoIP and SCADA. Enhanced scoring visualization and 3D graphics and even a complete traffic generator to hide the attackers. Come hang out in the spectator room and be eligible for random prize drawings sponsored by ThinkGeek, AirScanner, Syngress, CACE Technologies and Lone Pine Embroidery. Watch as phones, servers, cameras and even our own power grid are attacked and defended across three nights of fun, education and mayhem. Fortinet will be providing complete IDS monitoring and reporting while Core Security and Immunity will be demonstrating in the Red Cell room. I find this disturbing in the least. SANS should not be addressing SCADA in this manner for any number of reasons.
I'm not a huge fan of SANS (or their SCADA Endeavors) but what is the harm of just a little bit of fun between friends?
What's the worst that could happen, more "IT Security people" get interested in "SCADA?"
The horror. The horror.