Main Area and Open Discussion > Living Room

News Article: LHC Website Defaced

<< < (2/2)

Deozaan:
I believe f0dder is referring to the LHC's Supervisory Control And Data Acquisition grid, and indeed he has a very good point. You'd think of all places that ignore security, the LHC would not be one of them.
Surely you can imagine someone managing to cause some damage with the worlds largest particle accelerator at their control.

Ehtyar.
-Ehtyar (September 14, 2008, 06:18 PM)
--- End quote ---

I didn't realize that the computers that control the LHC were at risk. I thought it was just data or website computers that were compromised.

f0dder:
Deozaan: the system they broke into (public-facing not-so-important stuff) is, as far as I can tell from the article, linked to control systems as well. Probably on different subnets with firewalling, other user credentials et cetera, but if they're connected they can be broken into.

SCADA is the kind of stuff used to control power grids, railway stuff, etc. Used to run on physically separate networks with dedicated access terminals, but since that was a bother, some of them are now routed across the internet (SCADA protocol encapsulated in IP packets). And some of the still physical separate systems are accessed through client applications on normal workstations that are internet-connected, which means if you break into one of those boxes, you can use it as a gateway to the SCADA grid.

So theoretically you might be able to shut down power plants, mess with railway traffic, etc. And iirc some security consultants have already demonstrated that they could mix a little hacking and social engineering, and access a power grid control remotely...

Deozaan:
f0dder: Scary stuff! It's like "Live Free or Die Hard" happening in reality!

Navigation

[0] Message Index

[*] Previous page