First real-world SCADA attack in US

Ryan Pavely paradox at nac.net
Mon Nov 21 14:22:01 CST 2011


Might I suggest using 127.0.0.2 if you want less spam :P

Pretty scary that folks have
  1. Their scada gear on public networks, not behind vpns and firewalls.
  2. Allow their hardware vendor to keep a list of usernames / passwords.
  2b. Obviously don't change these so often.  Whens the last time they 
really "called support" and refreshed the password with the hw 
vendor.... Probably when they installed the gear... Sheesh..

Perhaps the laws people suggest we need to protect ourselves should be 
added to.  If you are the operator of a network and due to complete 
insanity leave yourself wide open to attack, you are just as guilty as 
the bad guys... But then again I don't want to goto jail for leaving my 
car door open and having someone steal my car, so nix that idea.


   Ryan Pavely
    Director Research And Development
    Net Access Corporation
    http://www.nac.net/


On 11/21/2011 2:48 PM, Leigh Porter wrote:
> I checked the SCADA boxes used in our "smart" building. They are all using 127.0.0.1
>
> Is that a security risk?
>



More information about the NANOG mailing list