Critical Infrastructure Vulnerabilities Unearthed

Researchers find 25 flaws in products used in power and water systems that attackers could exploit. In a separate study, researchers find vulnerabilities in a widely used vessel tracking system.

Tony Kontzer

October 30, 2013

1 Min Read
Network Computing logo

The nation’s power and water infrastructures may be more susceptible to cyberattacks than previously believed. Two independent researchers said they found 25 vulnerabilities that could be exploited to sabotage access to power and water.

The researchers, Adam Crain and Chris Sistrunk, discovered that products from more than 20 vendors had significant security vulnerabilities that hackers could use to wreak such havoc as guiding a power station’s master server into an infinite loop or causing outages by injecting code into a server, thereby allowing the attackers to open and close substation breakers.

“Every substation is controlled by the master, which is controlled by the operator,” Sistrunk told Wired, which broke the story. “If you have control of the master, you have control of the whole system, and you can turn on and off power at will."

Read the rest of the article on Network Computing.

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights