Researchers have found vulnerabilities in industrial control systems that they say grant full control of systems running energy, chemical and transportation systems.The bad news? You can make a big boom taking over a refinery. The good news? The industry may actually be paying attention now ("we demonstrated to owners ...").
The vulnerabilities were discovered by Russian researchers who over the last year probed popular and high-end ICS and supervisory control and data acquisition (SCADA) systems used to control everything from home solar panel installations to critical national infrastructure.
Positive Research chief technology officer Sergey Gordeychik and consultant Gleb Gritsai detailed vulnerabilities in Siemens WinCC software which was used in industrial control systems including Iran's Natanz nuclear plant that was targeted by the US Stuxnet program.
"We don’t have big experience in nuclear industry, but for energy, oil and gas, chemical and transportation sectors during our assessments project we demonstrated to owners how to get full control [of] industrial infrastructure with all the attendant risks," Gordeychik told SC Magazine.
It would actually be a good thing if the NSA monitored these systems. Do the Country a favor, NSA - focus on an actual threat (i.e. not us).