March 8, 2014

Security Is A Joke!

Fascinating video with Dan Tentler on the Shodan Search Engine...which CNN calls the "scariest search engine on the Internet."

The search engine crawls the Internet for servers, webcams, printers, routers, and every type of vulnerable device you can imagine.

It collects information on more than 500 million devices per month and that was as of last year, so it's already probably a lot more.

Tentler shows the unbelievable amounts and type of things you can access with this, including our critical infrastructure for the country --from utilities to traffic lights, and power plants:

- Private webcams
- Bridges
- Freeways
- Data Centers
- Polycoms
- Fuel cells
- Wind farms
- Building controls for lighting, HVAC, door locks, and alarms
- Floor plans
- Power meters
- Heat pump controllers
- Garage doors
- Traffic control systems
- Hydroelectric plants
- Nuclear power plant controls
- Particle accelerators
- MORE!!!!

Aside from getting information on the IP address, description of the devices, locations (just plug the longitude and latitude into Google for a street location), you can often actually control these devices right from YOUR computer!

The information is online, open to the public, and requires no credentials.

- "It's a massive security failure!"

- "Why is this stuff even online?"

Where is our cyber leadership????

>>>Where is the regulation over critical infrastructure?

If there is a heaven for hackers, this is it--shame on us. :-(

No comments: