Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researcher Publishes Industrial Complex Hack

Posted by samzenpus on from the who-runs-the-power-plant dept.

snydeq writes "Security researcher Kevin Finisterre has published code that could be used to take control of computers used to manage industrial machinery, potentially giving hackers a back door into utility companies, water plants, and even oil and gas refineries. The code exploits a flaw in supervisory control and data acquisition software from Citect. The vendor has released a patch and risk arises only for systems connected directly to the Internet without firewall protection. Finisterre, however, sees the issue as indicative of a 'culture clash' between IT and process control engineers, who are reluctant to bring computers off-line for patching due to the potential havoc wreaked by downtime. 'A lot of the people who run these systems feel that they're not bound by the same rules as traditional IT,' Finisterre said. 'Their industry is not very familiar with hacking and hackers in general.'"

8 of 190 comments (clear)

  1. Well according to Die Hard... by Enderandrew · · Score: 4, Funny

    ...a standard cell phone will let you pretty much instantly hack and control anything in the country except for the utilities. For those, you need to go to 2 different locations that control all the utilities in the country.

    That movie had the "Mac guy" so I totally trust it.

    --
    http://blindscribblings.com - Tasty pop-culture in conceptual fashion.
    1. Re:Well according to Die Hard... by PC+and+Sony+Fanboy · · Score: 2, Funny

      That movie had the "Mac guy" so I totally trust it.

      that movie had bruce willis, so I totally trust it.

      oh, and I love macs.

  2. Re:I hope he had clearance by PC+and+Sony+Fanboy · · Score: 2, Funny

    he has a very American-sounding name.

    ... where do you think most americans came from?



    ... besides mexico ...

  3. Re:Well by Solra+Bizna · · Score: 4, Funny

    Firewalls are amazingly easy to bypass.

    From the inside, certainly.

    -:sigma.SB

    --
    WARN
    THERE IS ANOTHER SYSTEM
  4. Re:Why ... by Anonymous Coward · · Score: 1, Funny

    pretty scary - did u see the latest die hard? sounds like it can actually happen! (firesale!)

  5. Re:Why ... by CrazyJim1 · · Score: 1, Funny

    And it is cheaper still to have a drinking bird do your remote work.

    --
    God spoke to me.
  6. Re:Why ... by LaminatorX · · Score: 3, Funny

    If only there were some sort of virtual private network available that could give them a reasonably secure low-cost option for remote access.

  7. some threat by commodoresloat · · Score: 2, Funny

    Someone I know was threatened with a screwdriver for just trying to replace a router.

    What's the big deal? Drink the screwdriver and then replace the router.