SCADA/Municipal water system attacks

Derek Trotter expat.arizonan at gmail.com
Mon Nov 21 09:23:39 MST 2011


I figure that to be 830,584 possible combinations.  That's 26 lower case 
letters, 26 more upper case, 10 numbers and the special characters I 
counted on my keyboard.  That's 94 possible characters for each of the 
three in the password.  94*94*94=830,584.  Of course there are the other 
possible characters you can get by holding down the Alt key and pressing 
a number, or using the Windows character map.  Somehow I feel if they're 
only bright enough to come up with a three character password, we can 
dismiss those possibilities that aren't on the standard US keyboard.  I 
could be wrong, but I'm guessing a password cracking program wouldn't 
take too long to try 830,584 possible combinations.

On 11/21/2011 0:33, Michael Butash wrote:
> Hah.
>
> "Hacker Says Texas Town Used Three Character Password To Secure 
> Internet Facing SCADA System"
>
> http://threatpost.com/en_us/blogs/hacker-says-texas-town-used-three-character-password-secure-internet-facing-scada-system-11201 
>
>
> Good enough for government.
>
> -mb
>
>
> On 11/20/2011 03:27 PM, Sam Kreimeyer wrote:
>> I think that most operators generally take whatever data SCADA spits
>> out at face value. After all, how would they recognize what dangerous
>> behavior looks like if they don't understand how these systems work
>> anyway? Let the IT guy figure it out.
>>
>> I think we are witnessing the nascence of an appreciation for just how
>> devastating a vulnerability to industrial control mechanisms can be.
>> The security of these systems has long relied on their own obscurity
>> and the hope that nobody will be particularly inclined to cause havoc
>> with no *obvious* potential for profit. That's why they have that
>> expensive firewall, right?
>>
>> On 11/20/11, Derek Trotter <expat.arizonan at gmail.com> wrote:
>>> Same here.  When I first heard of this, I said to myself:  "Bet these
>>> systems run on Windows."
>>>
>>> On 11/20/2011 14:00, Lisa Kachold wrote:
>>>>
>>>>
>>>> On Sat, Nov 19, 2011 at 11:25 PM, Michael Butash <michael at butash.net> wrote:
>>>>
>>>>      There was some idle chat here prior about Stuxnet and how it
>>>>      almost single-handedly stopped or at least delayed Iran's nuclear
>>>>      aspirations, and I'd commented on how there was a variant called
>>>>      Duqu that was running rampant in our SCADA systems that run
>>>>      municipal water.
>>>>
>>>>      Seems our environmentals that run cities have and are being
>>>>      exploited more frequently with more disclosures in the past few
>>>>      days of incidents in Springfield Illinois and Houston Texas.  Not
>>>>      only do I guarantee security on these systems and networks is not up
>>>>      to par, their embedded and obscure nature means they probably
>>>>      aren't even regularly patched to take advantage.  In the
>>>>      Springfield incident they actually caused damage to a critical
>>>>      pump, and it's only going to continue to get worse as it's now
>>>>      being talked about more mainstream and word spreads.
>>>>
>>>>      http://www.theregister.co.uk/2011/11/17/water_utility_hacked/
>>>>
>>>>      http://www.theregister.co.uk/2011/11/18/second_water_utility_hack/
>>>>
>>>>      I know I sleep better at night knowing all this software runs on
>>>>      old windoze systems!  Even better is how they're talking about in
>>>>      here how they are often now internet connected systems so they can
>>>>      be managed remotely to save costs (i.e. outsource it).  Maybe
>>>>      letting the Chinese government run our city water systems isn't
>>>>      quite what they had in mind, but anything to save a buck in these
>>>>      trying times I suppose...
>>>>
>>>>      -mb
>>>>
>>>>
>>>> chortle! snort!
>>>> -- 
>>>> (602) 791-8002  Android
>>>> (623) 239-3392 Skype
>>>> (623) 688-3392 Google Voice
>>>> **
>>>> HomeSmartInternational.com
>>>>
>>>> ---------------------------------------------------
>>>> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>>

-- 
"That income tax you know it's nothing more than legal robbery"
Sidney "Pa" Larkin

Please protect my address like I protect yours. When sending messages to multiple recipients, always use the BCC: (Blind carbon copy) and not To: or CC:. Also remove all of the addresses from the message body before forwarding the message. These simple measures prevent spy programs from capturing the addresses shown in the recipient list and the message body.
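
An added example, not part of the original message: it generalizes the 94-character keyspace arithmetic above to any password length and shows how a login lockout changes the worst-case exhaust time. The guess rates and lockout settings are assumptions chosen for illustration, not figures from the thread.

```python
import string

# 26 lower + 26 upper + 10 digits + 32 symbols = the 94 keys counted in the message.
US_KEYBOARD = string.ascii_letters + string.digits + string.punctuation
YEAR = 365 * 24 * 3600

def keyspace(length, alphabet=len(US_KEYBOARD)):
    """Number of distinct passwords of exactly `length` characters."""
    return alphabet ** length

def seconds_to_exhaust(length, guesses_per_second, alphabet=len(US_KEYBOARD)):
    """Worst-case time to try every password of exactly `length` characters."""
    return keyspace(length, alphabet) / guesses_per_second

def throttled_rate(failures_allowed, lockout_seconds):
    """Effective guesses per second when the login locks after N failures."""
    return failures_allowed / lockout_seconds

def min_length(guesses_per_second, must_survive_seconds, alphabet=len(US_KEYBOARD)):
    """Shortest length whose full keyspace outlasts the required time."""
    needed = guesses_per_second * must_survive_seconds
    length = 1
    while keyspace(length, alphabet) < needed:
        length += 1
    return length

if __name__ == "__main__":
    # Assumed rates (hypothetical, not from the thread).
    scenarios = {
        "unthrottled remote login, 1,000/s": 1_000,
        "lockout: 5 failures per 15 min": throttled_rate(5, 15 * 60),
    }
    for name, rate in scenarios.items():
        secs = seconds_to_exhaust(3, rate)
        print(f"{name}: 3 chars exhausted in {secs:,.0f} s "
              f"({secs / YEAR:.2f} years); "
              f"minimum length for 10 years: {min_length(rate, 10 * YEAR)}")
```

These figures are upper bounds on attacker effort: exhaustive search assumes a uniformly random password, so a length policy should be set with margin above what `min_length` returns.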
