Tuesday, November 22, 2011

On water hacking

There is a lot of ongoing publicity revolving around the recent attacks on water district SCADA systems. These cases were trivial to carry out based on gaping, easily solvable vulnerabilities. Industrial controls folk need to take it upon themselves as professionals practicing due care to step it up. It isn't difficult to adopt good security practices. This isn't much different from the transition business users had to make in going from single user systems (think DOS and Windows 3.x) to networked systems. In this case, the technology exists.

It was interesting to note that an August presentation at the Black Hat conference mentioned water attacks. Coincidence? Not likely. If you work in Industrial Automation you likely know much more vulnerable and potentially dangerous targets. Let's fix this before a tragic event and regulation requires it. 

News: CNET
Forum discussion, and at IA, and PLCTalk.
Blog posts: Tofino II, SCADAHacker

Disclaimer - this post is not affiliated with the Water Hackathon event. The author thought it was funny.

1 comment:

Brett Hardy said...

Hello there, just became aware of your blog through Google, and found that it is truly informative. I am gonna watch out for brussels. I will be grateful if you continue this in future. Many people will be benefited from your writing. For More Info: PLC Programming