The H – (International) ICS-CERT warns of increasing threat to industrial control systems. The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) issued a warning about special tools and search engines that make attacks on systems and devices in infrastructures simple even for inexperienced attackers. Tools aimed at cracking digital control systems from companies such as GE, Rockwell Automation, Schneider Electric, and Koyo were released earlier in 2012. Tools for CoDeSys software from 3S Software also recently appeared. These tools lower the barriers for attackers by removing the need for specialist knowledge in order to carry out an attack. Special search engines such as the Shodan Computer Location Service and the Every Routable IP Project (ERIPP) are also making attacks simpler for attackers. One team of researchers told ICS-CERT that they used Shodan to discover more than 500,000 unsecured devices which use supervisory control and data acquisition (SCADA) and other industrial control systems (ICS).
Ali Loney, on October 30, 2012