Jump to content


SCADA systems ICS-CERT alert issued ...

  • Please log in to reply
No replies to this topic

#1 AplusWebMaster



  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 02 November 2010 - 02:34 PM


SCADA systems ICS-CERT alert issued...
- http://threatpost.co...-systems-110210
November 2, 2010 - "ICS-CERT, the emergency response team for industrial control systems, has warned companies that run SCADA (Supervisory Control and Data Acquisition) software that the systems running it may be easily discovered using a free Web based search engine dubbed Shodan. The warning came in the form of an ICS-CERT Alert*, published on October 28. The group, which is part of US-CERT, warns that "multiple independent security researchers" have reported using SHODAN to discover Internet facing SCADA systems in "several critical infrastructure sectors". The systems discovered range from systems used for remote access and monitoring, but also include systems with the ability to directly manage configuration of SCADA systems... Control system operators were advised to conduct an audit their existing systems, including those not directly connected to the Internet, to make sure that no weak or default passwords are being used. In addition, operators are advised to place any control systems behind firewalls and to isolate them from business networks. Virtual Private Networks (VPN) should be used for remote access to such systems and strong passwords and access management strategies should be employed..."
* http://www.us-cert.g...t-10-301-01.pdf

- http://www.us-cert.g...ontrol_systems/

- http://www.us-cert.g...cert/index.html


Edited by AplusWebMaster, 02 November 2010 - 02:51 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...

Member of UNITE
Support SpywareInfo Forum - click the button