Siemens was forced to admit some vulnerabilities in July. If they admit these, what exists are greater.
This is just the latest in a string of revelations about the security
shortcomings of Siemens SCADA and industrial control systems. The
Stuxnet worm shone a light on vulnerabilities in the Siemens software,
including a hard-coded administrative back door account that the worm
exploited. In recent months, Siemens has come under fire for taking
too long to fix many of the vulnerabilities in its products that
Stuxnet leveraged.
Besides the water hacks in Illinois, there have been repeated at-will entries into NSTAR for the last two years, among others. The systems have poor security and the people setting them up are clueless as to password formation.
US officials have cast doubt over reports that a water pump in Illinois was destroyed by foreign hackers.
The FBI and the Department of Homeland Security said they had "found no evidence of a cyber intrusion".
The Illinois Statewide Terrorism and Intelligence Center (STIC) previously claimed a hacker with a Russian IP address caused a pump to burn out.
A security expert, who flagged up the story, said he was concerned about the conflicting claims.
Information about the alleged 8 November breach was revealed on Joe Weiss's Control Global blog last week. His article was based on a formal disclosure announcement by the Illinois STIC.
The report said that the public water district's Supervisory Control and Data Acquisition System (Scada) had been hacked as early as September.
It claimed that a pump used to pipe water to thousands of homes was damaged after being repeatedly powered on and off.
They are lying because their first job is to protect millionaires and billionaires, not the public. If they can lie and prevent casual hackers from trying and lie and prevent stocks from falling, that's what they'll do.
They'll kill and maim US citizens as they did to me, to cover for a Bormann group, Nazi German corporation.
Mr Weiss said he was concerned that the email appeared to contradict the initial report.
"This begs the question why two government agencies disagree over whether a cyber event that damaged equipment had occurred at a water utility," he wrote on his blog.
"If the STIC report is correct, then we have wasted precious time and allowed many others in the infrastructure to remain potentially vulnerable while we wait to find out if we should do anything."
Oh, it's correct. Not only has NSTAR been the target of interactive attacks for two years that damaged our property and threatened to start fires, so have other water departments where real time water meter monitoring was used to harass citizens like us... when they simply turned the water on or flushed a toilet.
SPQR
No comments:
Post a Comment