LAS VEGAS--While computer users fret about online identity theft and corporate executives worry about digital espionage, security issues in critical infrastructure affecting every single person present even more cause for alarm, an expert said at the Black Hat conference here on Wednesday.
"SCADA (supervisory control and data acquisition) systems are a lot less secure than IT (information technology) systems," Jonathan Pollet, founder of Red Tiger Security, said in his session, titled "Electricity for Free? The Dirty Underbelly of SCADA and Smart Meters."
SCADA systems, used in power companies and utilities to monitor and control processes over wide areas, traditionally have weak firewalls protecting the distributed control and other systems, Pollet said. Recent modernization efforts have brought connectivity to the Internet back to the control environment and use of Windows, opening up new paths for threats, he said. Plus, there are known flaws in smart meters being installed in homes and linked back to critical systems, he added. his session, titled "Electricity for Free? The Dirty Underbelly of SCADA and Smart Meters."
For more on this story, read Expert: Critical system flaws a 'ticking time bomb' on CNET News.