Battelle Energy v. Southfork 2d Seideman Decl..pdf

8/14/2019 Battelle Energy v. Southfork 2d Seideman Decl..pdf

1/4

SECOND DECLARATION OF STEVEN J. SEIDEMAN - 1

Scott E. Randolph (ISB #6768)

A. Dean Bennett (ISB #7735)HOLLAND & HARTLLP

101 South Capitol Boulevard, Suite 1400

P.O. Box 2527

Boise, ID 83701-2527Telephone: (208) 342-5000

Facsimile: (208) 343-8869

Email: [email protected]@hollandhart.com

Mark A. Miller (UT Bar No. 9563) (admitted pro hac vice)Ginger Utley (UT Bar No. 11766) (admitted pro hac vice)

HOLLAND&HARTLLP

222 S. Main Street, Suite 2200

Salt Lake City, UT 84101

Telephone: (801) 799-5800Facsimile: (801) 799-5700

Email: [email protected]@hollandhart.com

Attorneys for PlaintiffBATTELLE ENERGY ALLIANCE, LLC

IN THE UNITED STATES DISTRICT COURT

FOR THE DISTRICT OF IDAHO

BATTELLE ENERGY ALLIANCE, LLC, aDelaware limited liability company,

Plaintiff,

vs.

SOUTHFORK SECURITY, INC., an Idaho

corporation, COREY THUEN, an individual,

and DOES 1 through 10, inclusive,

Defendants.

Case No. 4:13-cv-00442-BLW

SECOND DECLARATION OF

STEVEN J. SEIDEMAN

Case 4:13-cv-00442-BLW Document 26 Filed 10/25/13 Page 1 of 4


2/4


I, Steven J. Seideman, hereby declare and state as follows:

1. I am the founder and President of Assured Information Solutions whichspecializes in computer and database consulting. I have been retained by the law firm Holland &

Hart, LLP, as a computer application and database expert for purposes of this litigation. I make

this declaration based on my personal knowledge and based upon my education, training, and

experience in working with computers and computer systems, which includes many years of

work within the Department of Defense and other highly secure computing environments.

2. The public release of software source code exposes individuals and infrastructurebehind the software to risk from those with malicious intent. Attackers use source code to

identify vulnerabilities in the software itself and to inform their attack strategy. It is extremely

important to understand that in security software applications a vulnerability does not have to be

identified in the source code for the software to be put at risk of compromise; knowing what

information the software itself is looking for, the strategies it uses to assess threats, and a host of

other details about how the software functions (all of which is gleaned from access to the source

code), can allow an attacker to design an attack that the software will not identify or one which

the software identifies as a benign process. In this instance both Sophia and Visdom are designed

to monitor network traffic and discover malicious activity. Knowledge of the source code in this

type of security application has the potential to allow an attacker to evade detection.

3. Given the nature of the industry involved in this matter, the risks posed bysoftware disclosure are serious. Nations such as China, with dedicated, talented and well-funded

hackers have a demonstrated interest in attacking the critical infrastructure systems protected by

the software at the heart of this case. Those attackers have the time and resources to spend on

using publicly available security software to inform their strategy for developing new attacks and

methods to avoid detection. Indeed, software like Sophia is developed directly in response to



3/4


such threats and the ongoing attacks against these systems. The availability of software similar to

Sophia could allow attackers to escape detection by Sophia.

4. Disclosure of source code that has been derived from protected software andappropriated into new software performing the same basic security functions and processes as

the original, protected software poses serious risk of compromise to the original software. The

source code released by the defendant in this case performs the same functions as the Sophia

code and implements much of the same security strategy as the software designed for Battelle.

The fact that the released code is for the same target environments as Sophia (e.g. industrial

control systems (ICS), like those that protect our nations nuclear infrastructure), presents risk

not only to the Sophia software, but any critical infrastructure it was designed to protect. It is not

an exaggeration to say that successful attacks against these systems would directly compromise

the national security interests of the United States, which is why these are precisely the systems

that are being targeted with well-funded attacks by other nation states.

5. The defense in this case has argued that knowing how a camera works does notmake someone invisible. However, knowing where a camera is placed will allow an individual to

identify its blinds spots, and for all intents and purposes become invisible to the camera.

I declare under penalty of perjury under the laws of the United States that the foregoing is

true and correct.

Executed this 25th day of October, 2013, at Boise, Idaho.

Steven J. Seideman



4/4


CERTIFICATEOFSERVICE

I HEREBY CERTIFY that on the 25th day of October, 2013, I filed the foregoingelectronically through the CM/ECF system, which caused the following parties or counsel to be

served by electronic means, as more fully reflected on the Notice of Electronic Filing:

Bradlee R. FrazerJason D. Scott

Hawley Troxell Ennis & Hawley, LLP877 W. Main Street, Suite 1000Boise, Idaho 83702-5883

Telephone: (208) 344-6000

Attorneys for DefendantsSouthfork Security, Inc. and Corey Thuen

[email protected]@hawleytroxell.com

/s/ Barbara Thurgood

Barbara Thurgood

6479227_1


Documents

Battelle Energy v. Southfork 2d Seideman Decl..pdf