On Jan. 19th, 2012, Kim Zetter wrote for Wired on a new stunt by a group of cybersecurity researchers. According to the article, the cybersecurity researchers found security holes in the six top SCADA systems (industrial control systems that control critical infrastructure like electric grids, water treatment plants, etc.) used in U.S. critical infrastructure. SCADA systems control the physical infrastructure within U.S. critical infrastructure facilities. Hackers could potentially break into the computer networks of critical infrastructure facilities, overwhelm the SCADA systems, and destroy the utility's physical machinery.
As for those SCADA systems, they're notoriously easy to hack. The article explained that the same group of cybersecurity researchers deliberately released a series of exploits that would make it easier for hackers to attack the SCADA systems. Why on earth would they do this? To call attention to the problem. The cybersecurity researchers hoped that releasing the exploits would jolt SCADA manufacturers "into taking the security of their products more seriously."
The Wired article quoted one of the researchers: “We felt it was important to provide tools that showed critical infrastructure owners how easy it is for an attacker to take control of their system with potentially catastrophic results . . .”
The Wired article is pretty in-depth, and mentions both the specific vulnerabilities and the specific vulnerable products. The source article can be found here.
Leave a Reply