The nation’s power and water infrastructures may be more susceptible to cyberattacks than previously believed. Two independent researchers said they found 25 vulnerabilities that could be exploited to sabotage access to power and water.
The researchers, Adam Crain and Chris Sistrunk, discovered that products from more than 20 vendors had significant security vulnerabilities that hackers could use to wreak such havoc as guiding a power station’s master server into an infinite loop or causing outages by injecting code into a server, thereby allowing the attackers to open and close substation breakers.
“Every substation is controlled by the master, which is controlled by the operator,” Sistrunk told Wired, which broke the story. “If you have control of the master, you have control of the whole system, and you can turn on and off power at will."
Read the rest of the article on Network Computing.