Googling to hack the infrastructure

Posted on Friday, August 5th 2011 at 11:42 a.m.

At the Black Hat conference FusionX’s Tom Parker was able to use Google to hack into a water treatment facility’s control systems  .

The ability to do so lies in the fact that remotely accessable Supervisory Control and Data Acquisition ( SCADA ) systems were visible on Google search.  SCADA systems are used in industrial controls such as power plants, water plants, nuclear generating stations, and the like.  Parker was able to access the plant and log into a pumping control using a password of “1234.”

Parker reassured the crowd that ouside attacks would require substantial effort and coordination and would be extremely challenging to pull off.  However, the past few months of hacking have demonstrated that substantial effort and coordination are not beyond the realm of possibility.  So in the future, if your power goes out or your municipal water supply has to be shut down, you might have Anonymous or more nefarious groups to blame.

comments powered by Disqus