shodan critical infrastructure cybersecurity ICS securityIts a small, busy place and is doing a good trade in tea, coffee and cakes. That woman has dropped some money. A child is running around. Later, another customer thinks they have got the wrong change.

Nothing too gripping, you might think, except that the feed should be private, seen only by the cafes managers. Somebody forgot to click a box so now anyone who knows where to look can watch.

That CCTV feed is just one of many inadvertently put online. Finding them has got much easier thanks to search engines such as Shodan that scour the web for them. It catalogues hundreds every day.

“Shodan makes it easier to perform attacks that were historically difficult due to the rarity of the systems involved,” Alastair ONeill from the Insecurety computer security research collective told the BBC. “Shodan lowers the cost of enumerating a network and looking for specific targets.”

It is not just CCTV that has been inadvertently exposed to public scrutiny. Search engines are revealing public interfaces to huge numbers of domestic, business and industrial systems.

Mr. ONeill and other researchers have found public control interfaces for heating systems, geo-thermal energy plants, building control systems and manufacturing plants.

Read more via How to hack a nations infrastructure | BBC News.

Tags: , , , ,

No comments yet.

Leave a Reply