As the BlackHat conference kicks off in Vegas we hear rumors that some of the global Supervisory Control and Data Acquisition (SCADA) hardware is vulnerable over the internet. Although this is really nothing new what is new is that you can often find this hardware just by running the right searches on Google. According to Tom Parker, CTO at FusionX if you know the right strings and the devices you are looking for either have an embedded webserver or are connected to a system that is connected to the internet then you can send it control commands that can not only operate the equipment but could also cause permanent damage to it. Think of the scene in Die Hard 4 when the “bad guys” sent the commands to open up valves along the natural gas lines. This may sound far-fetched but it is not really.
The problem is that these devices are not sophisticated in the way we think about them. For example one that was used in the presentation is a PLC (Programmable Logic Controller) that they purchased with an embedded webserver (usually for easier operation) with this Parker’s team was able to find certain hardware strings and use Google to identify other PLCs on the internet. One even had a password attached to it. These controllers should never be on the internet as once they are compromised a malicious person (or persons) can wreak havoc on the systems they control.
If you ever wanted a clearer indication that the global infrastructure is vulnerable or that the old school corporate society is ignorant of how the world operates; here it is. We said earlier to imagine Die Hard 4’s “Fire Sale” well in that scenario the hackers had to break into the system; in real life most of the control devices that can be located on the internet are not password protected, use no form of encryption (or simply cannot) and will not work with authentication… Scary when you get right down to it.
Source CNET
Discuss this on our forum