Following up on my post about industrial controller vulnerabilities, it is now being reported that such hacking has been seen “in the wild” – underscoring the importance of securing these systems as quickly as possible.
From the article (emphasis added): “Hackers illegally accessed the Internet-connected controls of a New Jersey-based company’s internal heating and air-conditioning system by exploiting a backdoor in a widely used piece of software, according to a recently published memo issued by the FBI.
The backdoor was contained in older versions of the Niagara AX Framework, which is used to remotely control boiler, heating, fire detection, and surveillance systems for the Pentagon, the FBI, the US Attorney’s Office, and the Internal Revenue Service, among many others. The exploit gave hackers using multiple unauthorized US and international IP addresses access to a Graphical User Interface (GUI), which provided a floor plan layout of the office, with control fields and feedback for each office and shop area, according to the memo, which was issued in July. All areas of the office were clearly labeled with employee names or area names.”
The controller was reportedly connected to the internet without a firewall.