Wednesday, September 20, 2017

Thursday, December 15, 2016

Tuesday, July 19, 2016

Choo-Shoo pwn explained

...A detailed analysis of the security status of widely-used ICS/Scada systems, including railway and interlocking CBCS, has identified faults and vulnerabilities, which allow cyber criminals to not only degrade key reliability parameters and bypass safety mechanisms, but also to carry out attacks which directly affect rail traffic safety. Remarkably, these systems meet all of the relevant IT security and functional safety requirements and all have the required international, national and industrial certificates...

Monday, July 11, 2016

Friends don't let friends put SCADA on the Internet. At least tried...

220,558 Internet-connected ICS components worldwide
188,019 unique hosts (IP addresses)
170 countries (~82% of all)


HTTP is still most widespread industrial protocol
50,3% HTTP
13,4% Telnet
9,3% Niagara Fox
7,6% SNMP
7,4% Modbus

Sunday, February 28, 2016

SCADASOS annual report

SCADASOS, (in)Secure Open SmartGrids, is open initiative to raise awareness on insecurities of SmartGrid, Photovoltaic Power Stations and Wind Farms.
For last year, 80,000+ SmartGrid components reported by SCADASOS were disconnected from the internet.

Sunday, December 27, 2015