First real-world SCADA attack in US

• Previous message (by thread): First real-world SCADA attack in US
• Next message (by thread): First real-world SCADA attack in US
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Steven Bellovin wrote:
> On Nov 21, 2011, at 4:30 PM, Mark Radabaugh wrote:
>>>
>>>
>> Probably nowhere near that sophisticated.   More like somebody owned the PC running Windows 98 being used as an 
>> operator
>> interface to the control system.   Then they started poking buttons on the pretty screen.
>>
>> Somewhere there is a terrified 12 year old.
>>
>> Please don't think I am saying infrastructure security should not be improved - it really does need help.   But I 
>> really doubt
>> this was anything truly interesting.
>
>
> That's precisely the problem: it does appear to have been an easy attack.
> (My thoughts are at https://www.cs.columbia.edu/~smb/blog/2011-11/2011-11-18.html)
>
> --Steve Bellovin, https://www.cs.columbia.edu/~smb


Umm hmm.  And here's another one poking around:
http://pastebin.com/Wx90LLum

"I'm not going to expose the details of the box. No damage was done to any of the machinery; I don't really like mindless 
vandalism. It's stupid and silly.
On the other hand, so is connecting interfaces to your SCADA machinery to the Internet. I wouldn't even call this a hack, 
either, just to say.
This required almost no skill and could be reproduced by a two year old with a basic knowledge of Simatic."

--Michael

• Previous message (by thread): First real-world SCADA attack in US
• Next message (by thread): First real-world SCADA attack in US
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]