Article discussing the Siemens hardcoded password in industrial control systems:
http://www.wired.com/threatlevel/2010/07/siemens-scada/
The above article citing the Siemens negligence/incompetence has been made extremely pertinent by the Stuxnet virus, which is the most important leap forward in threat level of any virus in history: http://www.wired.com/threatlevel/2010/07/siemens-scada/
The building I provide security to uses Siemens to control the building's processes and access. Stuxnet was meant for industrial systems such as nuclear power, it would be a case of over-alarm and exaggeration to say common office towers in Seattle are in imminent danger, at least as of 2010.
But programming technologies that are at one time difficult and only for the rarest breed of brilliant hacker are often eventually made into cookie-cutter/mass-produced programs that are simple to deploy by any malevolent middle-intellect. We may have entered an era in which the very systems we use to automate a site's security measures becomes a tool of bad guys -a tool they could use to unlock doors, turn off alarm monitors, or any other action the industrial control system has in its scope of control.
-Lance Miller this.is.lance.miller@gmail.com
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment