funsec mailing list archives
SCADA Watch: America's Hackable Backbone
From: "Paul Ferguson" <fergdawg () netzero net>
Date: Fri, 24 Aug 2007 17:49:51 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Via Forbes.com (hat-tip: zone-h news). [snip] The first time Scott Lunsford offered to hack into a nuclear power station, he was told it would be impossible. There was no way, the plant's owners claimed, that their critical components could be accessed from the Internet. Lunsford, a researcher for IBM's Internet Security Systems, found otherwise. "It turned out to be one of the easiest penetration tests I'd ever done," he says. "By the first day, we had penetrated the network. Within a week, we were controlling a nuclear power plant. I thought, 'Gosh. This is a big problem.'" In retrospect, Lunsford says--and the Nuclear Regulatory Commission agrees--that government-mandated safeguards would have prevented him from triggering a nuclear meltdown. But he's fairly certain that by accessing controls through the company's network, he could have sabotaged the power supply to a large portion of the state. "It would have been as simple as closing a valve," he says. [snip] More: http://www.forbes.com/home/security/2007/08/22/scada-hackers-infrastructure - -tech-security-cx_ag_0822hack.html - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFGzxo1q1pz9mNUZTMRAn2uAJ9Gjm2BZmCku334qUB9U1RJiaM6+ACeNPDD 68K5Wp99k1g6SQ9tVCtWHlw= =mczz -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- SCADA Watch: America's Hackable Backbone Paul Ferguson (Aug 24)