Sunday, December 28, 2014

SOS! Secure Open SmartGrids!

Dear all,

After our 31C3 Too SmartGrid in da Cloud talk we get many questions about Solar and Wind plants vulnerabilities, Internet connected SmartGrid devices. Guys, sorry, but we don’t know yet.

There are dozens of platforms, hundreds of vendors, thousands of SmartGrid devices… Millions of them connected to Internet without any protection. But you can change the situation.
Join our SCADASOS project to make the world safer!


FAQ

Q: WTF SACADSOS?
A: SCADASOS - (un)Secure Open SmartGrids is open initiative to rise awareness on insecurities of  SmartGrid, Photovoltaic Power Stations and Wind Farms.

Q: How to participate
A: Find Internet-connected PV and Wind power stations and notify vendors/CERTs/community.

Q: Wow! It simple! Can I hack it?
A: No. It can be a hospital or your grandma’s cottage. Please use passive approach (firmware analysis, testbeds etc.)

Q: I get an 0day!
A: Please submit it to vendor and/or regional CERT 

Q: What will I get?
A: Kudos at SCADA StrangeLove Talks/Knowledge/Safer World.

Details

You can make shodan saved search or drop google dorks to twitter

Please use tags #solar #wind #scadasos


Links

https://www.tofinosecurity.com/blog/project-shine-1000000-internet-connected-scada-and-ics-systems-and-counting

http://www.slideshare.net/phdays/scadacs-find-thembindthemphdiii2013

http://scadastrangelove.blogspot.de/2013/12/internet-connected-icsscadaplc30c3.html

http://www.scadaexposure.com/report/2013-11

http://www.shodanhq.com/browse/tag/scada

PS


Enjoy
Posted by at
Labels: , , ,
Location: Hamburg, Germany

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)