The Systems That Control Water and Power Plants Are Shockingly Vulnerable to Hackers, Study Finds

Published on by in Technology

The Systems That Control Water and Power Plants Are Shockingly Vulnerable to Hackers, Study Finds

A disturbingly high percentage of industrial control systems (ICS)—the technology used to manage everything from water treatment plants to the International Space Station—are eminently vulnerable to malicious hackers, according to tests performed by a leading global security firm.

monitor-1307227_960_720.jpg
Representative image, Source: Pixabay

Positive Technologies reported that its researchers were able to penetrate 73 percent of industrial organizations. In 82 percent of successful infiltrations, the researchers said it was possible to “gain a foothold and leverage it to access the broader industrial network, which contained ICS equipment.”

ICS is a term that describes various technologies, such as SCADA, for controlling systems used in industrial automation by manufacturing, power, water, and wastewater plants, the oil and gas industry, and many other sectors.

While the use of ICS equipment isn’t new, the expansion of the internet and wireless technology brought a new level of connectivity to ICS, ultimately enhancing its efficiency and speed while leaving the systems increasingly vulnerable to malicious attack.

The most successful attack vector exploited to gain perimeter network access came from vulnerabilities in web applications, the researchers said, including SQL injection, arbitrary file uploads, and remote command execution. “Almost every company used dictionary passwords for web server administration systems or for remote access via management protocols, which allowed continuing the attack vector to obtain LAN access in one third of cases,” the report states.

Read full article: Gizmodo

Media

Taxonomy