[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] Intruders hack industrial heating system using backdoor posted online
From: InfoSec News <alerts () infosecnews ! org>
Date: 2012-12-14 9:48:06
Message-ID: alpine.DEB.2.02.1212140347550.28817 () infosecnews ! org
[Download RAW message or body]
http://arstechnica.com/security/2012/12/intruders-hack-industrial-control-system-using-backdoor-exploit/
By Dan Goodin
Ars Technica
Dec 13 2012
Hackers illegally accessed the Internet-connected controls of a New
Jersey-based company's internal heating and air-conditioning system by
exploiting a backdoor in a widely used piece of software, according to a
recently published memo issued by the FBI.
The backdoor was contained in older versions of the Niagara AX
Framework, which is used to remotely control boiler, heating, fire
detection, and surveillance systems for the Pentagon, the FBI, the US
Attorney's Office, and the Internal Revenue Service, among many others.
The exploit gave hackers using multiple unauthorized US and
international IP addresses access to a "Graphical User Interface (GUI),
which provided a floor plan layout of the office, with control fields
and feedback for each office and shop area," according to the memo,
which was issued in July. "All areas of the office were clearly labeled
with employee names or area names."
An IT contractor for the unnamed business told FBI agents the "Niagara
control box was directly connected to the Internet with no interposing
firewall," according to the memo, which was published Saturday by Public
Intelligence. The website has an established track record of posting
authentic government documents. Barbara Woodruff, a spokeswoman in the
Newark, New Jersey division of the FBI, where the memo originated, said
the document appeared to be authentic.
The unauthorized access began in February, a few weeks after someone
using the Twitter handle @ntisec posted comments indicating hackers were
targeting SCADA -- or supervisory control and data acquisition --
systems. One tweet included a list of Internet addresses, including one
that was assigned to the heating system belonging to the New Jersey
business. The hack came five months before security researchers Billy
Rios and Terry McCorkle blew the whistle on serious vulnerabilities in
the Niagara system, which is marketed by Tridium, a company with US
offices located in Richmond, Virginia.
[...]
______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic