SEARCH Archives
Loading
Sponsored by:

Ask Control Engineering

Ask Control EngineeringThe Ask Control Engineering blog covers all aspects of automation, including motors, drives, sensors, motion control, machine control and embedded systems. Control Engineering answers questions from readers of Control Engineering's print and online magazines, newsletters and other publications. To comment on any blog posting, click on the post's highlighted question and scroll to the "Post a Comment" box at the bottom. Submit questions as comments to any existing post.

See all Ask Control Engineering blogs and comments

Update on digital certificates

September 02, 2011

Bookmark and Share

The Ask Control Engineering posting of August 4 talked about how a hacker can pose as something else using fraudulent or stolen digital certificates. A recent article in Computer World discusses how hackers obtained “a digital certificate good for any Google website.” Using this, a hacker can pose as any of Google’s services and use this to pull off a man in the middle attack on anyone trying to access his or her accounts using the same network as the hacker.

The article goes into greater depth on how it all happened, but there are still many gaps as investigators try to piece together events.

This type of attack strategy is a favorite for cyber criminals trying to break into industrial networks, and is effectively what happened with Stuxnet. The attacker places himself between the HMI and the plant equipment, sending bogus and possibly harmful orders to the equipment while making the HMI tell operators that nothing is wrong.

--Peter Welander, pwelander(at)cfemedia.com

No entries

Nothing found in the guestbook.

CAPTCHA image for SPAM prevention

Featured Content

Industrial networking: One network for full enterprise connectivity

Application template for machine modules

WindPower 2013: Fair winds, prosperous show in Chicago

Wireless network: Field testing benefits

Control strategy for stabilizing the world's largest semi-submersible heavy transport vessel

Control platform provider helps integrate subsea and topside automation platform

New high-powered temperature controller

Industrial-grade network video recorder

» More Featured Content

Poll of the Week

How integrated are your maintenance, controls, and instrumentation systems?
Fully integrated
Somewhat integrated
Loosely integrated
They're not


Click Here for Poll Archives
Sponsored by:

CFEMedia.com | Subscribe to Magazine | Advertise | Contact Us | About Us | Site Map | Privacy Policy
Channels | New Products | Media Library | Connect | Industry News | Events and Awards | Newsletters | Blogs | Magazine
Control Engineering | Plant Engineering | Consulting-Specifying Engineer
All content copyright © 2010-2013 CFE Media. All rights reserved.