Free access to remote controls for industrial plants

A project documenting the Free University of Berlin that are thousands of industrial plants via the Internet, but only inadequately protected worldwide. There was an interactive map, drawn on the potentially vulnerable systems.

scada industrial plants remote control

Recently hosted the German Research Network (DFN) DFN 21 his workshop in Hamburg under the motto security in networked systems. In each case once a year, it brings together experts and interested parties in order to find out about the latest risks and threats to the networked world. Jan-Ole Malchow and John click of the Freie Universität Berlin presented their project, describing the accessibility and vulnerability of SCADA systems via the Internet.

Created with the help of the search engine and other publicly available databases SHODAN Malchow and click a map of the accessibility and vulnerability of control systems. They call them “Industrial Risk Assessment Map (IRAM).” This map locates vulnerable control systems, renames next to the identification, vulnerability and at the same time, the corresponding exploits available.

They observed that the density of control systems increases when a region is economically well developed. Most vulnerable control systems are in the United States. For them, it is all about systems for building and energy management. This is followed by Germany and Italy, where they show up as vulnerable especially field devices – these are components that can affect the production process directly, such as sensors or valves.

In their work, scientists have imposed themselves strict rules and carried out any attacks. This IRAM is not a new tool for criminals; they have already passed on the information obtained at the BSI, for that to warn the operators concerned of control systems.