Bloody hell, we've known SCADA systems should be maintained air-gapped or on separate networks for decades. They're mostly treated as unpatchable, regardless of stated EOL. It's been over a decade since Bruce Schneier started reporting on known hacks.
And yet it's soooo convenient to permit remote access.
There's a long list of vendors who've refused to secure their products, particularly Siemens. This casual disregard in the industrial space has basically set the benchmark for consumer IoT security as low as possible, even though your typical PLC may be part of a multi-million dollar piece of equipment. Though there's growing security consciousness about the risks, there's still little national security impetus to hold SCADA vendors accountable. At least until something blows up or melts down.
I don't have too many thoughts to direct a conversation. I just thought this was a vastly interesting article that ~tech would find interesting.