Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Critical Infrastructure Vulnerabilities Unearthed

The nation’s power and water infrastructures may be more susceptible to cyberattacks than previously believed. Two independent researchers said they found 25 vulnerabilities that could be exploited to sabotage access to power and water.

The researchers, Adam Crain and Chris Sistrunk, discovered that products from more than 20 vendors had significant security vulnerabilities that hackers could use to wreak such havoc as guiding a power station’s master server into an infinite loop or causing outages by injecting code into a server, thereby allowing the attackers to open and close substation breakers.

“Every substation is controlled by the master, which is controlled by the operator,” Sistrunk told Wired, which broke the story. “If you have control of the master, you have control of the whole system, and you can turn on and off power at will."

Read the rest of the article on Network Computing.