Two-and-a-half years ago researchers at Chicago-based cyber security firm Infracritical set out to measure how many industrial control systems are openly exposed to the Internet. Their disquieting findings are up for discussion today at the 2014 ICS Cyber Security Conference in Atlanta. Infracritical remotely identified over 2.2 million unique IP addresses linked to industrial control systems at energy-related sites including electrical substations, wind farms, and water purification plants. And they were still logging an average of 2,000-3,000 new addresses per day when they closed the count in January 2014. “We never reached bottom,” says Infracritical cofounder Bob Radvanovsky, an expert in securing supervisory control and data acquisition (SCADA) systems. Continue reading “Internet-Exposed Energy Control Systems Abound”
Tag: Control systems
Chinese Bullet Trains’ Worrisome “Black-box” Controls
In August we brought you disquieting news that Hollysys Automation — the supplier of a control system implicated in China’s deadly bullet-train collision this summer — also provides controls for China’s nuclear reactors (which are multiplying just as fast as its high speed rail lines). The Hollysys story now looks darker after informed speculation reported in the Wall Street Journal that the company may not fully comprehend how the control systems work. Continue reading “Chinese Bullet Trains’ Worrisome “Black-box” Controls”
Peter Fairley 