Hacker News new | past | comments | ask | show | jobs | submit login

I don't have much to add here, but I've been going to Def Con and the other Las Vegas security conferences for a few years. Every year there is a section for infrastructure security (factories, refineries, etc). Its always the smallest section and the least populated. But its simultaneously the "most important" in terms of how much damage can be done from a single attack. Every year I went and was always terrified by all the stuff I saw because all the people hosting booths were like "yeah its dead simple to get in and break things." I feel like so many people could see this coming and there are just no consequences for the companies to incentivize them to do better.



In 50 years I hope to find out it was pulled off by the infrastructure teams who have been arguing for more security all along and that they did some good with the money.


Ha. The people that man the booths there are generally researchers for pen testing companies or universities.

Also, just a cool thing https://www.wired.com/story/evil-bubbles-industrial-pump-hac... There are like tons of attack like this that are possible and they demonstrate those at the booths


It sounds like it may have just been the billing system that was hacked, not the infrastructure.

I've seen similar patterns and so I was surprised by this.


Don't matter if they lock your computer access out and encrypt all the data, ransomware is installed.


Completely agree. If interested check out the documentary Zero Days. Insane, essentially the NSA in tandem with Israel took down Iran's nuclear program by impacting their industrial control units. Many Zero Days were used with nearly an unlimited budget.

[1] https://www.youtube.com/watch?v=C8lj45IL5J4&ab_channel=Madma...




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: