Security researcher Scott Lunsford recently found that hacking into the SCADA-linked control system of a nuclear power plant was disturbingly easy.
It turned out to be one of the easiest penetration tests I’d ever done,” he says. “By the first day, we had penetrated the network. Within a week, we were controlling a nuclear power plant. I thought, ‘Gosh. This is a big problem.'”
Readers of my book will note that SCADA systems were the doorway through which some particularly devastating attacks were perpetrated in the story. I used this method precisely because such vulnerabilities had been identified and publicized a few years ago; surely, one would think, those flaws would have long-since been found, patched, and armored-over.
Maybe now they will be.