Tuesday, July 19, 2016

Choo-Shoo pwn explained

...A detailed analysis of the security status of widely-used ICS/Scada systems, including railway and interlocking CBCS, has identified faults and vulnerabilities, which allow cyber criminals to not only degrade key reliability parameters and bypass safety mechanisms, but also to carry out attacks which directly affect rail traffic safety. Remarkably, these systems meet all of the relevant IT security and functional safety requirements and all have the required international, national and industrial certificates...

Monday, July 11, 2016

Friends don't let friends put SCADA on the Internet. At least tried...

220,558 Internet-connected ICS components worldwide
188,019 unique hosts (IP addresses)
170 countries (~82% of all)

HTTP is still the most widespread industrial protocol
50,3% HTTP
13,4% Telnet
9,3% Niagara Fox
7,6% SNMP
7,4% Modbus

Sunday, February 28, 2016

SCADASOS annual report

SCADASOS, (in)Secure Open SmartGrids, is an open initiative to raise awareness of the insecurities of SmartGrid, Photovoltaic Power Stations and Wind Farms.
Over the last year, 80,000+ SmartGrid components reported by SCADASOS were disconnected from the internet.

Sunday, December 27, 2015

32C3 slides

Slides and video from the 32C3 talk "The Great Train Cyber Robbery".

SCADAPASS #32C3 Release

Special Chaos Communication Congress release.
A list of default passwords for industrial control system components.

Kudos to Oxana Andreeva (oxana.andreeva@inbox.ru)

37 vendors.
PLCs, RTUs, HMIs, gateways, switches, servers, wireless APs, etc.

Tuesday, December 22, 2015

Now Declared Capabilities

A neat FAQ about the hardcoded password in the Siemens SIPROTEC 4 protective relay.

"SIPROTEC 4 and SIPROTEC Compact devices allow the display of extended internal statistics and test information...