When a large Southern California water system wanted to probe the vulnerabilities of its computer networks, it hired Los Angeles-based hacker Marc Maiffret to test them. His team seized control of the equipment that added chemical treatments to drinking water — in one day.
The weak link: County employees had been logging into the network through their home computers, leaving a gaping security hole. Officials of the urban water system told Maiffret that with a few mouse clicks, he could have rendered the water undrinkable for millions of homes.
"There's always a way in," said Maiffret, who declined to identify the water system for its own protection. The weaknesses that he found in California exist in crucial facilities nationwide, U.S. officials and private experts say.
The same industrial control systems Maiffret's team was able to commandeer also run electrical grids, pipelines, chemical plants and other infrastructure. Those systems, many designed without security in mind, are vulnerable to cyber attacks that have the potential to blow up city blocks, erase bank data, crash planes and cut power to large sections of the country.
Terrorist groups such as Al Qaeda don't yet have the capability to mount such attacks, experts say, but potential adversaries such as China and Russia do, as do organized crime and hacker groups that could sell their services to rogue states or terrorists.
Volkswagen workers in Chattanooga, Tennessee voted to ratify their first union contract Thu rsday, securing pay...
Construction on the nation’s largest infrastructure project can resume after a court ordered the Trump administration...
Eight backcountry skiers have been found dead and one remains missing after an avalanche near Lake...
Six backcountry skiers were stranded and 10 others were missing on Tuesday, Feb. 17, after an...
