A second SCADA-based system at a US water plant was hit in recent days, and the attacker revealed that it was protected by a three-character password.
The attacker, using the alias 'Pr0f', hit the plant in Harris County in Houston, Texas. In an announcement on Pastebin he said his actions were prompted by what he felt were attempts by the United States Department of Homeland Security to downplay the specter of cyber attacks on critical infrastructure. This followed another attack on a water plant in Illinois.
Pr0f told Threatpost that the district had 'human machine interface' software for regulating water and sewage infrastructure that was accessible from the web, and that the password used to guard the system was just three characters long.
Asked by SC Magazine what he thought of this discovery, Pr0f said he was "somewhat shocked", but added that he had previously seen databases protected by the password '@dmin' and corporations using their names as passwords for workstations.
"There are multiple government and company websites in the market which are susceptible to basic SQL injection, that is performed with an internet browser and little to no knowledge," he said.
He also said in his Pastebin statement that this was "barely a hack" as "a kid who knows how the HMI that incorporates Simatic works may have accomplished this".
He added: "I did not use an entirely new style of attack, just the similar sort of thing that has been around since the 1980s, though I will be able to say there has been plenty of hype about Stuxnet being the be-all and end-all of malware, even though it was incredibly clever with regards to the PLC rootkit, and doubtless required insider knowledge of the system it was attacking."
Pr0f told Threatpost that he discovered the vulnerable system using a scanner that looks for the web fingerprints of SCADA systems.
Asked by SC Magazine if he was seeking to target anything in particular in his 'campaign', he said: "I'd rather not divulge an immense amount concerning the technical details within the interest of at the least semi-responsible disclosure. I do not want other folks with malicious intentions to copy this attack. But yes, I used to be specifically in search of a SCADA system."