Go Back   DreamTeamDownloads1, FTP Help, Movies, Bollywood, Applications, etc. & Mature Sex Forum, Rapidshare, Filefactory, Freakshare, Rapidgator, Turbobit, & More MULTI Filehosts > Computer/MAC Help/Info. & New Technology > General Computer/Android Help, News & Info + New Technology

General Computer/Android Help, News & Info + New Technology Find All The Latest Reports/Reviews in Here. Start a New Thread in Here if You Need Help

IMPORTANT ANNOUNCEMENT
Hallo to All Members. As you can see we regularly Upgrade our Servers, (Sorry for any Downtime during this). We also have added more Forums to help you with many things and for you to enjoy. We now need you to help us to keep this site up and running. This site works at a loss every month and we appeal to you to donate what you can. If you would like to help us, then please just send a message to any Member of Staff for info on how to do this,,,, & Thank You for Being Members of this site.
Post New ThreadReply
 
LinkBack Thread Tools Display Modes
Old 25-11-11, 21:52   #1
 
Ladybbird's Avatar
 
Join Date: Feb 2011
Posts: 34,247
Thanks: 23,065
Thanked 12,657 Times in 8,507 Posts
Ladybbird has a reputation beyond reputeLadybbird has a reputation beyond reputeLadybbird has a reputation beyond reputeLadybbird has a reputation beyond reputeLadybbird has a reputation beyond reputeLadybbird has a reputation beyond reputeLadybbird has a reputation beyond reputeLadybbird has a reputation beyond reputeLadybbird has a reputation beyond reputeLadybbird has a reputation beyond reputeLadybbird has a reputation beyond repute

Awards Showcase
Best Admin Best Admin Gold Medal Gold Medal 
Total Awards: 6

Default Hacker broke into Water Plant System "It Was Easy"

Hacker says he broke into Texas water plant, others


CNET








The Twitter profile picture of the hacker who says he compromised a Texas water plant and others to show how easy it is.
(Credit: pr0f)

A twentysomething hacker said today that he hacked into a South Houston water utility to show that it can easily be done, after U.S. officials downplayed the risks from a report yesterday of an intrusion at an Illinois water plant.

The hacker, using the alias "pr0f," said he has hacked other SCADA (supervisory control and data acquisition) systems too.

He tweeted on November 5 links to public posts with what he identified as PLC configurations for a Polish waste-water treatment plant; SCADA data from an HMI (human-machine interface) box possibly for a generator used for research purposes at Southern Methodist University; and what he believes are water metering control system files from Spain or Portugal.

"Basically, people have no idea what's going on in terms of industrial control, groups like ICS-CERT (Industrial Control Systems Cyber Emergency Response Team) are too slow/don't have enough power to react to situations," he wrote in an e-mail to CNET. "There's a lot of rubbish information out there that's being treated seriously, etc. Lot of crap. So I'm putting information out there to show people what kind of systems are vulnerable to basic attacks."

He said his actions were prompted by the U.S. government's response to a report from an Illinois Statewide Terrorism and Intelligence Center that said intruders compromised a water utility in the state last week, burning out a pump. Industry expert Joe Weiss blogged about the report and provided more information to CNET yesterday. The Department of Homeland Security initially identified the location as Springfield, but a local official today reportedly confirmed that it happened in nearby Curran-Gardner Townships Public Water District, but the official could not say whether it was a hacking incident.

A DHS representative responded to the report with this comment: "At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety."

That government response irked pr0f.

"I dislike, immensely, how the DHS tend to downplay how absolutely F***ED the state of national infrastructure is," he wrote in a Pastebin post. "Ive also seen various people doubt the possibility that an attack like this could be done."

Then he provided screenshots of what look like diagrams of water and waste-water treatment facilities in South Houston, Texas.

This is one of the screenshots provided by pr0f as proof of his intrusion into a South Houston water utility.

This is one of the screenshots provided by pr0f as proof of his intrusion into a South Houston water utility.
(Credit: pr0f)

Fred Gonzalez, superintendent of the South Houston water plant, told CNET, "We're still checking into the whole problem and seeing what's going on."

A DHS representative said he would look into the purported Texas incident.

"I'm not going to expose the details of the box," pr0f wrote in his Pastebin post. "No damage was done to any of the machines; I don't really like mindless vandalism. It's stupid and silly.

"On the other hand, so is connecting interfaces to your SCADA machinery to the Internet," he added. "I wouldn't even call this a hack, either, just to say. This required almost no skill and could be reproduced by a two-year-old with a basic knowledge of Simatic," which is automation software from Siemens that's used to control equipment in industrial production.

Asked how he gets into systems, pr0f said: "As for how I did it, it's usually a combination of poor configuration of services, bad password choice, and no restrictions on who can access the interfaces."

He said he isn't a security professional and doesn't work in the SCADA sector. "I'm just an interested party who has read a few books about ICS and embedded systems," he said.

Though he uses an e-mail address from a service provider in Romania, he said he is not in that country, but declined to say where he's based.

"I assumed companies located there would be less likely to cooperate with the U.S. and turn over any logs of e-mails," he said. "That said, I believe the servers for these are located in Germany, which does dent the protection somewhat."

Pr0f's Twitter profile picture shows a "V for Vendetta," or Guy Fawkes, mask, which is used by people who participate in online activism and hacking as part of the Anonymous collective.

__________________
Nil Carborundum Illegitemi My Advice is Free My Friendship is Priceless

FREEBIES Continue to be a BURDEN on Our Increasing Server/Privacy Costs. Please DONATE Something to HELP...PM an Admin for Further Info.



& Thanks to Those That Have Taken The Time to Register & Become a Member of ... 1...
Ladybbird is online now  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiTweet this Post!
Reply With Quote
The Following User Says Thank You to Ladybbird For This Useful Post:
pop (05-01-12)
Post New ThreadReply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2019, vBulletin Solutions Inc.
SEO by vBSEO 3.5.2
Designed by: vBSkinworks