Re: Chinese scam as AICPA
Posted: Fri Dec 14, 2012 4:11 am
http://www.wired.com/threatlevel/2012/1 ... reach-ics/Hackers broke into the industrial control system of a New Jersey air conditioning company earlier this year, using a backdoor vulnerability in the system, according to an FBI memo made public this week.
The intruders first breached the company’s ICS network through a backdoor in its Niagara AX ICS system, made by Tridium. This gave them access to the mechanism controlling the company’s own heating and air conditioning, according to a memo prepared by the FBI’s office in Newark (.pdf), which was published on Saturday by the website Public Intelligence. News about the memo was first reported by Ars Technica.
The breach occurred in February and March of this year, several weeks after someone using the Twitter moniker @ntisec posted a message online indicating that hackers were targeting SCADA systems, and that something had to be done to address SCADA vulnerabilities.
The individual had used the Shodan search engine to locate Tridium Niagara systems that were connected to the internet and posted a list of URLs for the systems online. One of the IP addresses posted led to the New Jersey company’s heating and air conditioning control system.