Cylance Hacks Google Office Building Management System

Posted by Unknown on Wednesday May 8, 2013 @02:18AM from the ghost-in-the-machine dept.

Gunkerty Jeb writes "Industrial control minded researchers from the security firm Cylance launched a custom exploit against a building management system deployed at Google's Sydney, Australia office, gaining access to a configuration file containing device administration passwords that could be used to gain complete control of the device in question. This vulnerability in Tridium's Niagara framework affects an unknown number of organizations aside from Google. In fact, Tridium claims on its website that 'there are over 245,000 instances of the Niagara Framework deployed worldwide.' Cylance said its scans revealed some 25,000 similarly vulnerable systems facing the Internet."

2 of 46 comments (clear)

Min score:

Reason:

Sort:

Re:Serious by 93+Escort+Wagon · 2013-05-08 02:46 · Score: 3, Informative

No way - not even 4chan could be that cruel.

--
#DeleteChrome
It's a people problem by dubbayu_d_40 · 2013-05-08 03:23 · Score: 5, Informative

They can only get the configuration file if they already have access. The contractor left the passwords at the default.