Pillar to Post: Peter Welander's Blog
News and comment from Control Engineering process industries editor, Peter Welander
The world of IT comes to us, part 1
IT cyber security experts look at industrial systems with dismay. Here’s why.
A recent article in InformationWeek opens with the following statement: “Thousands of Internet-connected industrial control systems aren't being properly protected by firewalls or strong authentication, which leaves them at risk of being exploited by attackers.”
It cites a warning released by ICS-CERT on December 9 which warns industrial users that hackers are using SHODAN to find industrial networks that are connected to the Internet but not adequately protected. Evidently, there are lots of them. Moreover, some of the industrial equipment has even more vulnerabilities than users realized. SHODAN says it can locate any device, “From Web servers to industrial control systems to refrigerators and anything else connected to the Internet. Find devices based on city, country, latitude/longitude, hostname, operating system and IP.”
If you thought nobody could find you, think again. Scary? You bet.
More to come.