Jump to content

Backdoor in mission-critical hardware threatens power, traffic-control

securitybreach

By securitybreach
in Security & Networking

 Share

Recommended Posts

securitybreach

securitybreach

Posted
Posted
In the world of computer systems used to flip switches, open valves, and control other equipment inside giant electrical substations and railroad communications systems, you'd think the networking gear would be locked down tightly to prevent tampering by vandals. But for customers of Ontario, Canada-based RuggedCom, there's a good chance those Internet-connected devices have backdoors that make unauthorized access a point-and-click exercise.

 

That's because equipment running RuggedCom's Rugged Operating System has an undocumented account that can't be modified and a password that's trivial to crack. What's more, researchers say, for years the company hasn't bothered to warn the power utilities, military facilities, and municipal traffic departments using the industrial-strength gear that the account can give attackers the means to sabotage operations that affect the safety of huge populations of people.....

 

http://arstechnica.com/business/news/2012/04/backdoor-in-mission-critical-hardware-threatens-power-traffic-control-systems.ars

Link to comment
Share on other sites
Guest LilBambi

Guest LilBambi

Posted
Posted

telnet_ruggedcom-4f98085-intro.png

Like a key under a door matt, the MAC address exposed here allows hackers to tamper with this Internet-connected RuggedCom device, used to control power substations and other criticial infrastructure.

 

That's pretty scary stuff when you think about it. That could be your electrical infrastructure, water infrastructure, natural gas.

 

And they have been pushing for us all to be on this so called smart grid ... wonder where that will lead with these types of major lack of security at the head end for these types of power, traffic-control, etc.

 

Sigh...

Link to comment
Share on other sites
ross549

ross549

Posted
Posted

Sadly, many governments are not going to want to pay to develop and deploy dedicated network infrastructure to keep this stuf off the public Internet.

 

Those same politicians need to be punched in the face, then fired and held financially responsible for the damages of such a system being hacked.

 

Adam

Link to comment
Share on other sites
securitybreach

securitybreach

Posted
  • Author
Posted

Those same politicians need to be punched in the face, then fired and held financially responsible for the damages of such a system being hacked.

 

Adam

 

:thumbup: B)

Link to comment
Share on other sites
Guest LilBambi

Guest LilBambi

Posted
Posted

Sadly, many governments are not going to want to pay to develop and deploy dedicated network infrastructure to keep this stuf off the public Internet.

 

Those same politicians need to be punched in the face, then fired and held financially responsible for the damages of such a system being hacked.

 

Adam

 

Daggone right Adam!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...