In a rare gesture of transparency, the Department of Homeland Security just announced that hackers recently targeted and compromised a public utility's control system. They didn't say exactly where, but it happened inside United States borders. And it doesn't sound like it was even that hard.

Specific details about the breach are scant. However, DHS did say that it thinks the hackers broke into the utility's control system by accessing an internet portal that employees use to sign on remotely. It didn't even require hacking really. The intruders just mounted a "brute force" attack, guessing every possible password combination until they found one that worked. It's a more advanced, probably computer-aided version of the technique when trying to log on to your neighbor's Wi-Fi. It's also more than unsettling that the DHS doesn't know for sure how the hackers did it.

 

Full Article